Is there a bug in my script which spammers have found?

I currently manage a dating site. My server has a catch-all email feature which forwards to me any email addressed to (ANYONE at my own domain name). Spammers have forged a false non-existant email address which is supposedly from (me at my own domain name) and have spammed people with this non-existant email address. As a result of this, I now receive 5000+ daily bounced emails from bounced spam email which I didn't send. It is bouncing back to me because the spammer has forged the email address to make it appear as though I have sent it. Is there a bug in my script which allows spammers to take advantage of my site or is this something that I have no control over? The script is a modified version of the [login to view URL] personals script. ## Deliverables Is there a bug in my script which allows spammers to take advantage of my site or is this something that I have no control over? I need to know what I can do about this. Due to negative experiences in the past, I'm reluctant to give anyone access to my server, but I would like to hear your suggestions or put you in touch with my programmer who might be better able to assist you in answering any questions which I might now be able to do. I will pay if you are able to locate the source of the problem and offer a solution to eliminate it. ## Platform Linux