Ruth wrote: "I'm thinking there is no way to prevent anyone from getting emails from a guestbook." The worst aspect of the malicious-copying-of-email-addresses problem seems to be harvesting by bots. These programs crawl the Web looking for the username@domain.net format and dump their finds into lists that are then sold to spammers. There are ways to defeat the bots. Anything that requires human interaction and disguises addresses to computers makes automated harvesting impractical. Some javascript programs have been written in defense. Many are free and can be downloaded for use on your site. One ("emailhide.js"?) removes the @ sign and breaks the rest of the address into username and domain.xxx. Clicking on text in the site activates the javascript to put the address back together. I haven't explored whether it's possible to use this javascript inside a guestbook. A non-javascript solution is to have the guestbook form require users to break their addresses down into parts. One input field would be for the username, another for the domain. -rt_/)