Hi I'm currently going through all of my sites and changing any contact form that uses php mail() over to smtp. I've had some server troubles recently and need to make it more secure. I've been looking at quite a few scripts to use, all of them seem very similar however there is a difference between them and as a result I can't tell which would be the most secure method.

Basically it concerns who should be sending the email or rather the $from variable.

Should I script it so that the email is sent from the person who is completing the form or should it be the server registered email address that I authenticate and just have their email address in the message body?

Or am I over thinking it?

I just want the most secure method.

Any thoughts?