We all know that Matt's popular FormMail Perl script is very vulnerable to spam attacks.
I found a site that gives detailed instructions on how to fix it.
mailvalley.com/formmail/
tedster
2:43 am on Oct 6, 2002 (gmt 0)
Thanks for the tip. With spammers getting wilder and more desperate by the week (or so it seems to me) this kind of precaution is wise.
john316
2:58 am on Oct 6, 2002 (gmt 0)
Another simple way to deal with it is just to change the name of the script; it won't "fix" the code, but the likelihood of a spammer finding and using it is lessened.
jatar_k
3:17 am on Oct 6, 2002 (gmt 0)
Another good idea is to have someone write you a new one. :)
I haven't looked through the formmail script actually, I have just heard all of these problems. I guess I should really take a look.
austtr
10:48 pm on Oct 8, 2002 (gmt 0)
Just make sure you use the latest version. 1.9 I think.
I had a customer who got hit by an email spammer and just updating the ver fixed the problem.
keyplyr
11:21 pm on Oct 8, 2002 (gmt 0)
My FormMail script resides one directory level above my root level pages making it unavailable for any hacker that may get by other defences at my domain.
Purple Martin
9:27 am on Oct 9, 2002 (gmt 0)
keyplyr, this is probably a stupid question, but how do you put it one level above root?
keyplyr
7:17 pm on Oct 9, 2002 (gmt 0)
Purple_Martin - well, actually I can't take credit for this ingenuity, my host keeps a security-updated, generic copy installed there. I had a customized copy in a cgi-bin at my domain level but it was continuously abused by spammers. My host eventually offered a shared script at the server tier level, which solved the problem.
Birdman
8:15 pm on Oct 9, 2002 (gmt 0)
How do you know when your script has been abused? Are they using it to send mass emails?
txbakers
8:17 pm on Oct 9, 2002 (gmt 0)
Exactly. If you look at the sendmail logs, you'll see who the emails were sent (or not sent) to. My log shows the attempt, but also shows the error message the sender received.
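
The log check described in the last post, as an added example that is not part of the original thread: it groups sendmail delivery lines by queue ID and reports messages submitted by a web-server account to recipients outside the domains the form is meant to mail. The account names, the allowed domain and the sample log lines are constructed assumptions, and the pattern expects the `ctladdr=user (uid/gid)` form sendmail logs for local submissions.

```python
import re
from collections import defaultdict

# Assumptions for this example (not from the thread): CGI scripts run as one
# of these accounts, and the form should only ever mail these domains.
WEB_USERS = {"nobody", "apache", "www-data"}
ALLOWED_DOMAINS = {"example.com"}

# Constructed sample lines in sendmail's syslog delivery format.
SAMPLE_LOG = """\
Oct  9 20:15:02 web1 sendmail[4023]: g99KF1x04021: to=sales@example.com, ctladdr=nobody (99/99), delay=00:00:01, mailer=local, stat=Sent
Oct  9 20:16:11 web1 sendmail[4102]: g99KGAx04100: to=<u1@isp-a.example>,<u2@isp-a.example>, ctladdr=nobody (99/99), delay=00:00:02, mailer=esmtp, stat=Sent (ok)
Oct  9 20:16:12 web1 sendmail[4102]: g99KGAx04100: to=<u3@isp-b.example>, ctladdr=nobody (99/99), delay=00:00:03, mailer=esmtp, stat=User unknown
Oct  9 20:17:40 web1 sendmail[4200]: g99KHex04200: to=friend@isp-a.example, ctladdr=alice (500/500), delay=00:00:01, mailer=esmtp, stat=Sent
"""

# One delivery line: queue ID, recipient list, submitting account, final status.
DELIVERY = re.compile(
    r"sendmail\[\d+\]: (?P<qid>\w+): to=(?P<to>.*?), "
    r"ctladdr=(?P<user>\S+) .*?stat=(?P<stat>.*)$"
)

def find_formmail_abuse(log_text):
    """Return {queue_id: [(recipient, stat), ...]} for messages submitted by a
    web-server account with at least one recipient outside ALLOWED_DOMAINS."""
    by_msg = defaultdict(list)
    for line in log_text.splitlines():
        m = DELIVERY.search(line)
        if not m or m.group("user") not in WEB_USERS:
            continue  # not a delivery line, or not sent by a CGI account
        for rcpt in m.group("to").split(","):  # one line may list several
            addr = rcpt.strip("<> ").lower()
            by_msg[m.group("qid")].append((addr, m.group("stat")))
    return {
        qid: rcpts for qid, rcpts in by_msg.items()
        if any(r.rsplit("@", 1)[-1] not in ALLOWED_DOMAINS for r, _ in rcpts)
    }

if __name__ == "__main__":
    for qid, rcpts in find_formmail_abuse(SAMPLE_LOG).items():
        print(f"{qid}: {len(rcpts)} recipients via web account")
        for rcpt, stat in rcpts:
            print(f"    {rcpt} | {stat}")
```

The `stat` column is what the last post refers to: it shows both the deliveries that went out and the errors returned for the ones that did not.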