I want to list an email on one page in a biography and then on another page I want to have a contact form where users can submit emails to our company.

My understanding is that both mailto links and form elements can be taken advantage of by spambots without some sort of protective elements in place. I have read of Captcha's but my understanding is they aren't very effective anymore. What measures can I take to protect my site from unwanted spam?

Also, I understand forms can be used for SQL injection attacks, anything I can do to protect myself from these elements or is the fact that I'm not using a database exempt me from these isssues?

i haven't heard from anywhere that captchas aren't very effective any more. I use them on all my forms and never get any spam. For the mailto links use some javascript. Spammers don't take the time to try and read it and usually blocks most of them. There are several techniques which you can find by searching google.

Regarding the SQL injection attacks, unless your form submits data to your database you won't have a problem. If you do have a form that submits something to a database like a registration form, you'll have to read up on it. It's too complex to explain in a thread like this, however since you aren't using a database with your forms you won't have a problem. Just put captcha on them.

Good luck