$_POST=str_replace('@','_removeme_@_removeme',$_POST['email']); Let's not make it too easy for the spambot harvesters, shall we?
You're talking about how it displays your e-mail address when you click on the form when you're logged in? All the data it sends goes into the 'contact us' forum which is hidden. I mean, I can add that in but how would a spambot be able to get that?