The spam is sent by your form processor, not the form itself.

It's likely that whatever script was the action for your form also needs to be removed (e.g. formail.pl, handler.php and similar)

as Receptional Andy implied the spammer has constructed a HTTP POST request of your action script using your old form parameters.

I figured that must be it. Thanks!

Hmmmm. I'm still getting forn mail and I removed the formmail software from my site. Now I'm really curious as to how they are doing this when there is no code on the page or no software to send the email:

Below is the result of your feedback form. It was submitted by
(********com) on Monday, May 12, 2008 at 09:55:59
---------------------------------------------------------------------------

name: ######

question: We offer <a href

-------------------------------------------------

if your script still exists on the server it doesn't really matter if a reference to it exists on a page on your site.
the script is still accessible to the spammer since he already has the information on where it exists and what parameters it uses.
simply fix, remove or block that script.

The software was uninstalled on May 1st and I removed all code off the page months ago.

I would say the first thing to check is the email headers to confirm that it was your web server that sent the email. If it is, there must be a copy of a form processor lying around somewhere!

also the headers may tell you which mailer program or user agent was used to send the email and you can search for that string in files in any web accessible directories.