Another way to do it (that would require some coding) would be log the time and IP address of each submission of the contact us form into a database.
Before actually sending the email check to see if the same IP has used the form before. If they have, and it's above a threshold (say 5), then send them to a page telling that their access has been blocked. If they haven't you can send the form as usual.
You might then want to send yourself an automatic email so you know to add their IP address to your .htaccess file.
|