Getting strange e-mails through my ww contact


seamus
09-20-2005, 04:44 PM
I've been getting e-mails lately that are being sent from someone or something visiting my contact page.

In the subject of the message they will have something like this:
Subject: b8b19f81
To: fakeaddress@mydomain.com
bcc: someone@aol.com
From: fakeaddress@mydomain.com

This is a multi-part message in MIME format.

--===============1154911951==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

rlk
--===============1154911951==--
Anyone know what this person is trying to do? It seems like they are trying to have my contact form sent to the bcc address.

Jafo
09-20-2005, 07:33 PM
They are trying to see if they can spam using your contact form, which of course, they cannot. :)

seamus
09-20-2005, 08:52 PM
Thanks for your reply.

Any ideas as to how I might put them off my tail, so that I'm not getting their crap too?
If I change the address of contact.cgi to contact123.cgi, they might have to go looking for my contact page again.
Or do you think they would be using my contact page source every time?

Jafo
09-21-2005, 05:50 AM
The best approach would be to look through your server log and find the IP address doing this. Ban that IP address from your server and that should take care of it.

nosajix
12-21-2005, 06:56 PM
The problem here is that most of these "vulnerability scanners" use proxy servers.

It's a plague of the net of late, it seems. If you figure out how to shake 'em, let me know [subscribed]

-jason

Jafo
12-21-2005, 10:18 PM
An easy no-brainer would be to just rename the contact script to something like asjd74k47d.cgi.

Either way, they are not able to actually do what they are trying, which you can see by the TO and Subject fields and attempt at changing content type.
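
Added example (Python; not part of the thread and not the code of the contact script discussed in it): the behaviour described in the last post, shown as a form handler that sets the recipient itself and refuses line breaks in any value destined for a mail header. The form field names, the addresses and the probe string are constructed for illustration.

```python
import re
from email.message import EmailMessage

# Headers a probe tries to smuggle in after a line break (cf. the message in the first post).
INJECTED_HEADER = re.compile(
    r"[\r\n]\s*(to|cc|bcc|from|subject|mime-version|content-type|"
    r"content-transfer-encoding)\s*:", re.IGNORECASE)

def classify_field(value):
    """Classify a single-line form field: 'clean', 'newline' or 'header-injection'."""
    if INJECTED_HEADER.search(value):
        return "header-injection"      # worth logging with the client IP
    if "\r" in value or "\n" in value:
        return "newline"               # still invalid in a header value
    return "clean"

def build_message(form, recipient):
    """Build the mail; only clean values may reach a header, the body is free text."""
    for name in ("email", "subject"):
        verdict = classify_field(form.get(name, ""))
        if verdict != "clean":
            raise ValueError(f"{name}: {verdict}")
    msg = EmailMessage()
    msg["To"] = recipient              # fixed by the site, never read from the form
    msg["From"] = recipient
    msg["Reply-To"] = form.get("email", "")
    msg["Subject"] = form.get("subject", "")
    msg.set_content(form.get("message", ""))
    return msg

# Constructed inputs: a normal submission and a probe shaped like the one quoted above.
CLEAN = {"email": "visitor@example.com", "subject": "Opening hours",
         "message": "Are you open on Sunday?"}
PROBE = {"email": "fakeaddress@mydomain.com\nContent-Type: multipart/mixed\n"
                  "MIME-Version: 1.0\nSubject: b8b19f81\nbcc: someone@aol.com\n\nrlk",
         "subject": "hello", "message": "rlk"}

if __name__ == "__main__":
    for form in (CLEAN, PROBE):
        try:
            build_message(form, "owner@example.com")
            print("accepted")
        except ValueError as err:
            print("rejected:", err)
```

Rejected submissions are the ones to count per source address in the server log, since renaming the script only hides the form until it is found again.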