Hi, I have used the following script for about a year now but yesterday I started receiving a lot of emails in my email box (looks like someone has hacked this script to send spam) Can anyone spot any improvements I could make to it? It is called from the following page http://rrbltd.co.uk/contact.htm Thanks E [code] <?php session_start(); header("Cache-control: private"); $Title = $_POST['Title']; $FirstName = $_POST['FirstName']; $LastName = $_POST['LastName']; $Email = $_POST['Email']; $Comments = $_POST['Comments']; $AddToML = $_POST['AddToML']; $_SESSION['Title'] = $Title; $_SESSION['FirstName'] = $FirstName; $_SESSION['LastName'] = $LastName; $_SESSION['Email'] = $Email; $strMailTo = 'Info@rrbltd.com'; $strSubject = 'Enquiry from Website'; $strBody = "$Comments \n Received from \n $Title $FirstName $LastName \n $Email"; if (empty($FirstName) || empty($LastName) || empty($Email)) { header( "Location: form_error.php" ); } else { $From = "From: \"$FirstName $LastName\" <$Email>\nX-Mailer: PHP/" . phpversion(); mail ($strMailTo, $strSubject, $strBody, $From); if (isset($_POST['AddToML'])) { header( "Location: http://www.rrbltd.com/registration_form.htm" ); } else { header( "Location: http://www.rrbltd.com/contact_thanks.htm"); } } ?> [/code]