marciano - 5:58 pm on Feb 9, 2011 (gmt 0)

My previous contact form used Mailcode V1.7 from myphpscript.net
I never received those mails from these bots but I guess they were attempting to find holes.
Looking inside mailer.php from Mailcode I don't see the script checking for a valid recipient domain but email address structure.
The main difference I see is that there is a SESSION security code (from captcha) that is compared with a POST security code.