Hi, I'm currently working on installing a mailing form - there is an option that verifies where users send their forms from and blocks those who did not send the form from my domain.

But the problem is, this also blocks users who do not accept cookies from their browsers, use firewall or other programs that would prevent websites from tracking where they are coming from.

So I'm thinking of turning that 'checking referrer' option off, but at the same time, I'm also a little worried about security problems which would arise if I do. Just a side note, the mailbox in which the forms are sent to has already been specified in the script, not in the HTML form, so I assume that whether the form is sent from my domain or else where will still be directed to my mailbox. What harm could be done anyway? ..besides possible junk mails to my mailbox?

Anyhow, with my minimum knowledge on servers, I'm probably missing out a lot.. It'd be great if any Gurus out there can offer me some suggestions on this security thing. Thanks so much in advance.

I'm not a true guru, but if, as you say, the destination address cannot be selected by the user, the only risk is that, as you said, you can get spam in that mailbox, that's all.

It would be a problem if the user can select the destinatio, but that is not the case.

A different problem is to have your SMTP server not relaying mail from other domains, but that is a configuration duty of your hoster, not yours.