i had a similar problem a few years ago, and here's what i did:
require a cookie for the form submission. make the value of the cookie
unique for each user. whenever that person submits an email, block them by
cookie. if you knew the IP range, you could do something like CFIF
#CGI.REMOTE_ADDR#
Either of these might be a bit extreme (or not worthy) But I HTH...
1. I would change the form control names every so often and make sure you
scope them on the action page. Also add a name to the submit form control
and verify it.
2. Or you could create a list of acceptable form control names
2 matches
Mail list logo