I started to receive spam at the email address which was only used on my site’s contact form (http://philipowens.com/contact/), so I deleted that email addy at my web hoster, created a new one, updated Rapidweaver with it and thought that would be the end of spam. But within a day or two, I was receiving spam again - at the completely new address. This is the only place that email address is used, so it must be ‘leaking’ from my site, despite that as far as I can tell, it’s hidden - looking at the source of the page it looks like:
No, the emails aren’t (I believe) coming via the form as they are cookie-cutter spam, and surely the spammers aren’t typing each of these into the web interface?
Ah, hadn’t thought of that. And that would explain why the same spam (almost all is German language spam, oddly enough) continued even after I’d changed the email address - likely their infernal ‘spam machine’ just kept returning to the same URL. Thanks for this heads up, it hadn’t occurred to me.
If you install CAPTCHA, they’d have to be pretty determined manually to comply with its requests every time; which isn’t saying that they won’t - alas.