It is not the case that they are running your old PHP code. Their messages may be passing through your filters. Save one of them and try it yourself, with a lot of debug "echo" statements or whatever you like. They may be accessing your old PHP file still on your server, if you left it behind. Get rid of it, or replace it with the new one. They may be injecting their junk in a way that bypasses or otherwise comes "after" your filter. Your filter might be using JS, and you think the spammer can't run JS. You are wrong: http://www.mozilla.org/js/spidermonkey/ And, of course, it could be something I haven't thought of yet. :-) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php