One of the standard features of any modern website is the Contact Us form. While it is a convenient way for your site visitors to get in touch with you, and better from a privacy point of view than publishing an email address on your site, it also has some issues.
Contact forms can be attacked if not secured correctly
For example, a user can trick the system by inserting email header fields such as CC and BCC into a form's text boxes, effectively allowing the user to bounce emails off the web server's email system. This can have a flow-on effect not only for the site owner but also for anyone else who uses the same email system.
A relay attack is a method of bouncing or rebounding emails off another remote system. The effect is that the emails appear to come from the remote system rather than from their true source. This is both a valid way of routing email across the internet (for example, through your upstream provider) and a method that spammers use to mask the true source of their mass mailouts. If you are planning on sending bulk marketing material, the best method is to use a specialised bulk mail system such as MailChimp.
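As an added illustration (not code from the original post), the header injection described above reproduced as a defensive check in Python: a naive header builder that lets a line break in a form field turn into an extra Bcc header, beside a hardened builder that rejects such input and never puts the visitor's address in From. The mailbox addresses and form values are hypothetical.

```python
import re
from email.message import EmailMessage

# Constructed sample submissions (not from the post); the second smuggles a CRLF plus a Bcc line.
CLEAN_FORM = {"name": "Alice", "email": "alice@example.com",
              "subject": "Opening hours", "message": "Are you open on Sunday?"}
INJECTED_FORM = dict(CLEAN_FORM, subject="Hi\r\nBcc: someone@example.net")
SITE_INBOX = "contact@example.org"    # hypothetical site mailbox
SITE_SENDER = "noreply@example.org"   # hypothetical fixed From address

def naive_headers(form):
    """The 'before': raw fields concatenated straight into the header block."""
    return (f"From: {form['email']}\r\nTo: {SITE_INBOX}\r\n"
            f"Subject: {form['subject']}\r\n\r\n{form['message']}")

def header_names(raw):
    """Header names actually present in a raw message (shows the damage)."""
    head = raw.split("\r\n\r\n", 1)[0]
    return [line.split(":", 1)[0] for line in head.split("\r\n")]

def single_line(value, max_len=200):
    """A header value must be one bounded line: no CR, LF or NUL allowed."""
    if re.search(r"[\r\n\x00]", value) or len(value) > max_len:
        raise ValueError("line break or control character in form field")
    return value.strip()

def valid_address(value):
    """Accept exactly one plain mailbox address (no display name, no list)."""
    addr = single_line(value)
    if not re.fullmatch(r"[^@\s<>,]+@[^@\s<>,]+\.[^@\s<>,]+", addr):
        raise ValueError("not a single mailbox address")
    return addr

def safe_message(form):
    """The 'after': fixed From/To, visitor address only in Reply-To, body as text."""
    msg = EmailMessage()
    msg["From"] = SITE_SENDER
    msg["To"] = SITE_INBOX
    msg["Reply-To"] = valid_address(form["email"])
    msg["Subject"] = "[Contact form] " + single_line(form["subject"])
    msg.set_content(f"From: {single_line(form['name'])}\n\n{form['message']}")
    return msg

def accepted(form):
    try:
        safe_message(form)
        return True
    except ValueError:
        return False
```

Keeping From fixed to the site's own address also keeps the outgoing mail aligned with the site's SPF and DMARC records, which a forged visitor address would break.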
If you are using a plugin in WordPress or one of the other popular CMS systems, it usually has some form of spam filtering, whether that is background validation or a Captcha. For those who don't know, a Captcha is generally a randomly generated number shown in an image that you type in to prove you are a human and not a robot; the robots are not supposed to be able to read the image, at least in theory.
In the end, as with everything concerning security, you need to find the balance between usability and security that suits your business model. For instance, a bank is going to have different security requirements from a non-profit sports club.