How do spammers get my .asp email?

How do spammers get my email address that is in .asp and only written on my server hardrive and not seen in the pages code?

 

maybe its just been used/sold by some company that have your email address for marketing purposes

 

Everytime I change the email address, I immediately get spammed again.

 

It is funny. I have 5 emails adresses.

1 for spam - and various free offers - I recieve 3000 spam-mails pr month.
The 4 other is personal and I use them all. But they are not receiving spam.

One of my emailadresses are even posted on public forums and you can search on google for it. That is funny that someone is getting spammed all the time and others are not receiving anything.

 

What is the solution?

 

What's funny about it?

 

You should protect your form from automatic submissions via a Captcha, e.g. http://recaptcha.net/whyrecaptcha.html

And also sanitize/validate the user input otherwise spammers may use your form to insert their own email message and send it to many other addresses via your script.

 

If you got it in code and they still manage to find it, it probably means that they somehow are able to peer into your server-side code.

I suggest running some web vulnerability scanner to check for common loopholes, which may have been used to compromise your code.

In the past I have used, Acunetix when I was still active in coding. But now there are many more choices:
http://sectools.org/web-scanners.html