[escaped_hn]

It probably sents an email with the blank filled in without validation.

[milesokeefe]

Nope, pretty basic server side validation in PHP:

     filter_var($_POST['email'], FILTER_SANITIZE_EMAIL)

[deeebug]

"FILTER_SANITIZE_EMAIL" doesn't do any validation. That only filters.

[milesokeefe]

Which is what I want. It prevents attacks but allows me to see the odd non-email stuff people submit.

[_RPM]

FILTER_VALIDATE_EMAIL