A common and effective approach is to require users to register on the site before giving them the ability to fill out the contact form (amongst other things). You ensure that the email address is unique for an account on your site, e.g. by making it the primary key in the database. Before their account is activated (enabling user privileges including contact) they are sent an email with an activation code (usually a link in the email they can simply click on to activate and log in first time). Only when their account is activated and they are logged in should they be given access to pages that write to your site. If a user clicks on contact without logging in he is prompted to either log in or register.
in reply to Is using 'Cookies' impractical for 'Contact Us' forms?