Written
We have seen some cases where there are regular 'spam' emails from the same IP address. Usually these aren't really spam but are the result of a anti-hack scanner or a web-bot scanning the site and testing all the URLs they find - including the action URL of your form. This FAQ has some simple code to block all submissions from those IP addresses.
Add a Custom Code action as the first action in the On Submit event of your form and add this code:
<?php
$banned_ips = array(
'111.111.111.111',
'999.999.999.999'
);
$ip_address = JRequest::getString( 'REMOTE_ADDR', '', 'server' );
if ( in_array($ip_address, $banned_ips) ) {
$app = JFactory::getApplication();
$app->redirect('index.php');
}
?>
Change the array of banned ips to include the addresses you want to block; and set a URL to redirect users too. Here it will redirect to the site home page.