[Arjan]

Well I got it working.
in the send message.php I added the code in two parts:

This part went into the E-mail permissions piece. Just before the initialisation of the error array.
Since (as I understood) this blocks mail sent from outside the page, I left the Die message in it. Don't make them wise

Look for:

Code:

// initialize errors array
$errors = array();

Above it add:

Code:

//ANTI SPAM PART 1
$AntiSpamMessage1 = 'Spam filter: Please send your message through the appropriate message form.'; 
$AntiSpamMessage2 = 'Spam filter: Your message has not been accepted since it has some SPAM like properties.'; 

// Make sure the form was sent from a browser 
if(!$_SERVER['HTTP_USER_AGENT']) 
{ 
    die($AntiSpamMessage1); 
} 

// Make sure the form was POSTed 
if(!$_SERVER['REQUEST_METHOD'] == 'POST') 
{  
    die($AntiSpamMessage1); 
}

//END ANTI SPAM PART 1

Then the rest goes a bit lower in the page.
In the section
// ############################### do contact webmaster ###############################

Look for:

Code:

	// if it's all good... send the email
	if (empty($errors))

Just above it add:

Code:

    //ANTI SPAM PART 2
    // Allow only the sendmessage script 
    $MyReferrer = strtolower($_SERVER['HTTP_REFERER']); 
    $MyURL = strtolower($vboptions['bburl'] . '/' . $vboptions['contactuslink']); 
    if($MyReferrer != $MyURL) 
    {  
		eval('$errors[] = "' . $AntiSpamMessage1 . '";');
    }  
	
    // Check for strings in the message body. 
    // This string is found in automated browsers (all yet) at the bottom. 
    // For completeness we parse all post variables for this string. 
    // Prepared for more recognition strings. 
    $MyStrings = array( 
        '9c53d2119880d95e96e1a71e3a6c8340',              // the start
        'dc64615b0a1e1bd3cb2689bf82248b5c',              // 2006-06-27
        'f4dd026ac39b9e2fa576404ae93f215c',              // 2006-06-30
        '849b90dee61199d2ed871b18e1575cb5',              // 2006-07-06
        '05980283d7fb0e8cc54b17a2b2a0ab96',              // 2006-07-10
        '70fcdb09b8b18b50874603a6c99fcbcb',              // 2006-07-15
        'bd0e28eaccfa349da99ddd3880835725',              // 2006-07-16
        '71b0d16f90c6ef289fb9e0b08b44fd7c',              // 2006-07-16
        'df487ef8b49cead02c1a5d00a04288ce',              // 2006-07-21
        '6d02afe3993f73507d90e3f877d8eed8',              // 2006-07-23
        '5064a72d6d1acabba6a21f655481a5b5',              // 2006-07-24
        '33766d282efd27c3468309e546e247c5',              // 2006-07-29
        'c9551bfed82d85381e7fd1deb6fef0af'               // 2006-07-30
        ); 

    // Loop through each POST item and check for the headers 
    foreach($_POST as $MyKey => $MyPostItem) 
    { 
        $MyTempItem = strtolower($MyPostItem); 
        foreach($MyStrings as $MyString) 
        { 
            if(strpos($MyTempItem, strtolower($MyString)) !== FALSE) 
            { 
		      eval('$errors[] = "' . $AntiSpamMessage2 . '";');
            } 
        } 
    } 

    // Cleanup 
    unset($MyDieMessage, $MyReferrer, $MyURL, $MyHeaders, $MyKey, $MyPostItem, $MyTempItem, $MyHeader, $MyStrings, $MyString); 
	
    //END ANTI SPAM PART 2

This second part, uses the standard errors option, so it is showed in a nice way to the user. Just in case valid users do not pass the test (though I doubt).