I have recently had spamming problems because of formmails written in php that use the mail() function. They do not have enough checks written into them and spammers can post to them and send out TONS of mail. They post in to the form submission a 'BCC: (ton of addresses)' and it sends to them. I guess I can rewrite the script to not send out to bcc: but who is to say there aren't a ton of other scripts that can do this same thing, I do not want to spend hours first finding then changing all of these scripts. Is there not a way I could globally disallow the sending of mail through php mail() to bcc: (without just shutting off php mail() to all scripts) ? Here is the php sending line; mail($recipient, $subject, $body, $mailheaders); Does the 'bcc: (ton of addresses)' have to be in $mailheaders for this to work for them?