Receiving weird spam emails

[amatuer]

[!--sizeo:3--][span style=\"font-size:12pt;line-height:100%\"][!--/sizeo--]Hi All,

I've got a simple contact form which sends me an email after you have filled in the reqiured fields & clicked on submit. I need to know why I'm receiving all these weird anonymous random emails because of the sendmail.php file. Originally the email address was my domains emaill address but changed it to my webmail email address (gmail),which didnt help at all. the file works but I dont understand why I'm getting spammed. [!--sizec--][/span][!--/sizec--]

<?

$SendTo = "[email protected]";
$ThanksURL = "thankyou.htm"; //confirmation page
$SubjectLine = " Website Feedback";
$name = $_POST['name'] ;
$email = $_POST['email'] ;
$telephone = $_POST['telephone'] ;
$enquiry = $_POST['enquiry'] ;
$http_referrer = getenv( "HTTP_REFERER" );
$Divider = "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~";

// Build Message Body from Web Form Input
$MsgBody = @gethostbyaddr($_SERVER["REMOTE_ADDR"]) . "\n$Divider\n";

$MsgBody =
"This message was sent from:\n" .
"$http_referrer\n" .
"--------------------------------------------------\n\n" .
"Name: $name\n" .
"Email: $email\n" .
"Telephone Number: $telephone\n" .
"------------------------- ENQUIRY -------------------------\n\n" .
$enquiry .
"\n\n------------------------------------------------------------\n" ;

mail($SendTo, $SubjectLine, $MsgBody, "From: \"$name\"[email protected]\r\nReply-To: \"$name\" <$email>\r\nX-Mailer: chfeedback.php 2.04" );
header("Location: $ThanksURL");

?>

These are some of the emails I'm receiving.

RECENT EMAIL 1
This message was sent from:

--------------------------------------------------

Name: [email protected]
Email: [email protected]
Telephone Number: [email protected]
------------------------- ENQUIRY -------------------------

with
Content-Type: multipart/alternative; boundary=bc65d5dab9856a856f99e14116f65508
MIME-Version: 1.0
Subject: with machurer charms, a knowledge
bcc: [email protected]

This is a multi-part message in MIME format.

--bc65d5dab9856a856f99e14116f65508
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

minute and tear one another s eyes out in the kitchen if you like. n with you. he two men seize the two women, and push them, still violently abusing one another
--bc65d5dab9856a856f99e14116f65508--

.


------------------------------------------------------------

RECENT MAIL 2

This message was sent from:

--------------------------------------------------

Name: [email protected]
Email: [email protected]
Telephone Number: [email protected]
------------------------- ENQUIRY -------------------------

[email protected]

------------------------------------------------------------


If someone knows why or has any suggestions pls pls reply. Cheers

[.josh]

please read this article:

[a href=\"http://www.nyphp.org/phundamentals/email_header_injection.php\" target=\"_blank\"]http://www.nyphp.org/phundamentals/email_h...r_injection.php[/a]

[448191]

I don't see how they should get your email, but I do have to note your form is sensitive to email-injection. See this thread: [a href=\"http://www.phpfreaks.com/forums/index.php?showtopic=93206\" target=\"_blank\"]http://www.phpfreaks.com/forums/index.php?showtopic=93206[/a]

Oops 30 sec too late I see, [img src=\"style_emoticons/[#EMO_DIR#]/laugh.gif\" style=\"vertical-align:middle\" emoid=\":laugh:\" border=\"0\" alt=\"laugh.gif\" /]

[amatuer]

Oooooow I see..... bloody botnets!!! rrr

I'll have a proper read of the article then add the required script and see how I go. Thanks for quick reply you guys are awesome. [img src=\"style_emoticons/[#EMO_DIR#]/wink.gif\" style=\"vertical-align:middle\" emoid=\":wink:\" border=\"0\" alt=\"wink.gif\" /]

[werty37]

[code]if ($_SERVER[HTTP_REFERER] == $our address) {

// Checks if the post is from our domain
// the mail code here


}
[/code]

Will this help...?