And what if they do send the 123?
They wont
they will - i've seen some spammers really trying to analyze some feedback forms, etc. - next day the customer "fixed" it somehow, and the spammer found out again how to circumvent it.
for the php users i've found a solution where i patched tha mail() function to not allow linefeeds etc. in header and to: lines. i've documented it some time ago here: http://wiki.hidden.ch/index.php/PHP#Patch_von_mail.c_f.FCr_mail.28.29-funkti on
(i'm not telling you that THIS is the solution, but it helped a lot if you do hosting and have some dummy users ;-))
but also for me: the correct way to suppress such spam is directly at the source (in this case the formmail/mailer/whatever script). this can be some session tricks, captchas (btw: http://sam.zoy.org/pwntcha/ is really impressive; seems that spammers have the knowledge to circumvent captchas) are ways to "harden" your script.
-steven