just wondering how secure eform is for a simple contact form. Is there any particular anti spam measures i need to take? is captcha a must?
CAPTCHA would be your best bet. You can find examples on how to add it in the eForm documentation. eForm also has 2 parameters (&protectSubmit and &submitLimit) you can use to limit multiple submits, although these will not help against someone analysing your form and writing a submit script. Furthermore eForm has some protection against mail header injection and against forging values in hidden and select, radio & checkbox fields.