well, not only is the http referer unreliable in many cases, its also extremely easy to spoof, most of the spammers that use vulnerable mail forms write scripts to exploit them. setting the referrer is extremely easy, and no problem for them to bypass. implementing a sort of captcha image is the best way, or hardcode the recipient email address into the form so they cant send emails to anyone they want, or add extra text to the email so that they wont want to send spam with your extra words in it.
