• I had a tricky guy exploiting my contact form. He sent a spam message and, in the email address, instead of putting his own, he was putting the one he wanted to spam. For some reason the messages were not even delivered to me, so he was exploiting it until Mailgun told me I was reaching the 10,000 sending limit.

    He even sent an HTML message like this:

    <br>
    <br>
    <a href="https://x5p.bittrexbrok.com/7c4124f"> <img src="https://1.bp.blogspot.com/-J5OYitPTZ_4/X-ZGf_FtA_I/AAAAAAAAAZs/1udOpuxRlTwRlAw2OX1REdd62uxlRHzLgCLcBGAsYHQ/s1024/06.jpg?ac=ah" /> </a>
    <br>
    <br>

    I wonder what to do in order to avoid this in the future.
    I will need a spam filter – maybe Akismet?
    Is there a way to disable the submission of HTML tags in the contact form? That would limit the attacker at least to text messages.

    And I wonder whether I can do a denunciation of this spammer, so that he does not continue to do this at another site.
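
An added example, not part of the original post and not any plugin's code: a server-side check for a contact-form submission that addresses the relay abuse described above. It assumes the form was mailing the address typed into the email field; the function name, the addresses, and the per-IP limit are constructed for illustration.

```python
import re
import time
from collections import defaultdict, deque
from email.message import EmailMessage
from email.utils import parseaddr

SITE_OWNER = "owner@example.org"   # assumed: the only recipient the form ever mails
FORM_SENDER = "form@example.org"   # assumed: fixed From address on the site's domain
MAX_PER_HOUR = 5                   # assumed per-IP submission limit
HTML_TAG = re.compile(r"</?[a-zA-Z][^>]*>")
_recent = defaultdict(deque)       # ip -> timestamps of accepted submissions


def build_mail(ip, visitor_email, body, now=None):
    """Return (EmailMessage, None) if accepted, else (None, reason)."""
    now = time.time() if now is None else now
    # Header injection: no CR/LF in anything that ends up in a header.
    if "\r" in visitor_email or "\n" in visitor_email:
        return None, "newline in address"
    # Exactly one plain address, no display name, no address list.
    addr = parseaddr(visitor_email)[1]
    if addr != visitor_email.strip() or not re.fullmatch(r"[^@\s]+@[^@\s]+\.[^@\s]+", addr):
        return None, "invalid address"
    # Refuse markup outright instead of trying to clean it.
    if HTML_TAG.search(body):
        return None, "html in message"
    # Sliding one-hour window per client IP.
    window = _recent[ip]
    while window and now - window[0] > 3600:
        window.popleft()
    if len(window) >= MAX_PER_HOUR:
        return None, "rate limit"
    window.append(now)
    msg = EmailMessage()
    msg["From"] = FORM_SENDER
    msg["To"] = SITE_OWNER         # never the submitted address
    msg["Reply-To"] = addr         # the owner can still answer the visitor
    msg["Subject"] = "Contact form message"
    msg.set_content(body)          # text/plain only, so tags would never render
    return msg, None
```

Because the submitted address only ever appears in `Reply-To`, a forged address cannot turn the form into a sender of mail to third parties, and the rate limit caps how much of the sending quota one client can burn.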
