web forms being hijacked by spammers

[twilitestudios]

Please Help!!!!

I have lots of accounts here at hostned and one of them was suspended due to spam bots hijacking my form or script or however it works.
I have tried about 5 different php scripts, jmail, and some other supposedly "secure" scripts...
When I change the form script, it helps for a little while and then BAM!  it happens again.

Can someone please get me a SECURE script for my web forms or help me in finding one?
I can't afford to have my client's accounts shut down...
I have linux accounts as well as windows!

Cheers

[Dynaweb]

This is a big concern lately.  Security on websites is very similar to other forms of security -- there are no absolutes.  The game is to stay ahead of the bad guys.  In order to do that you must identify your vulnerabilities and secure them.  I believe a big loophole lately is with Email Injection where a spammer inserts potentially thousands of BCC lines into the form via an external script.  If your web form does not prevent against this then you will need to modify it for sure.  Other common vulnerabilities include:
- Naming your web forms "formtoemail" or "mailform" or like that.  That is just inviting for spammers looking for a new exploitable.
- Leaving email addresses "out in the open" where spambots can easily scoop them up.
- Leaving "testing" versions of form-to-email scripts up by mistake.  While you have forgotten they are there, spammers use google to find and exploit them!
- Forgetting to exclude your contact-me pages from search engine listings using either robots.txt or meta tag exclusion methods.

HostNed has a web dev team so they can evaluate and secure your forms for you if it is something that is too technical for you to do yourself.

[Dynaweb]

Our affiliate DynaWeb Designs has released their SFEPS Form to Email Script.  It is very secure and easy to set up.  Give it a try and let us know how you like it.