in reply to Some Loser is trying to spam MY script!?! What do I do?

The spammer believes you're using the comment form to send an email to somebody who cares (like a website administrator). They've inserted an extra \n into the subject, followed by their own mail message. Many (all?) mailers interpret the extra \n as the end of the first message and the start of a second message. So the spammer is attempting to use your comment form to send his own spam to the rest of the world. Since you're sending the comments to a file and not resending a mail message, the spammer is wasting is time (and your disk space).

A good rule of thumb for anything email header related is to strip and ignore everthing after (and including) the first \n.

You should probably be more descriminating with your acceptance of form variables. Blindly using everything in CGI->vars is likely going to bite you in the end.