in reply to
Re: Matt's Script Archive Strikes Again!
in thread Matt's Script Archive Strikes Again!
formmail is hideously flawed and should never be used. it relies on checking the the HTTP_REFERER for all of its "security". this is trivially spoofed. i'd seriously recommend finding another script that lets you specify the recipient email address in a config file somewhere on the server. or, if you have an extra half-hour, you could write your own (you'd only have to do it once, then you could reuse it for all your clients).