Yes, we've been seeing the same attack.
Don't worry, no spam is getting out from your server because FormMail checks the $TARGET_EMAIL pattern(s) for "To", "CC", and "BCC" fields.
The only person it's annoying is you.
You can switch off Alerts by setting DEF_ALERT to an empty string:
But, then you won't see any real errors that you may want to know about.PHP Code:
A future version of FormMail will allow you to configure the level of alerts you want to receive.