Hello,

Just in the process of changing mail forms from the bnb form (which i discovered has loads of exploits easily available on the net) to formmail.php

Just wondering really how secure this is as i have heard mention of formmail exploits and notice that even though i do not have formmail on my site i still clock about 20 access attempts for it a month.

Thanks again,

G

Best suggestion I can make for you - no matter what formmail program you use - would be to rename the file to anything other than "formmail.xxx".

The thieves who would abuse your formmail seem to have automated programs running, searching for files by that specific name. If you change the name, it'll make your program much harder (if not totally impossible) to locate and abuse.

I'd also suggest not including the words "form" or "mail" anywhere in the new file name. Try "Henry" or "Esmeralda" or even "go-away-you-spamming-moron". Anything that they're not likely to run a search for should (hopefully) resolve the problem.

HTH!
Syren