It was my understanding that CF7 could be used only as inbound mail. IE: someone on the site fills out the form, it goes to my designated email. However, I have gotten back a massive log from my host (hostgator) which clearly shows that CF7 on one of my sites is being exploited to send OUTBOUND mail. So my sites have all been flagged for spam, despite the fact that all are local personal businesses. Any thoughts on how to secure this?