A method I always use is to assign a "SID" (security identifier), which is basically a random string of letters & numbers, to every record in the table.
Then, when you do a mailing, give them a link to "/email@example.com&SID=F5Yef4WJ9
The script "/whatever.asp" will do a lookup and attempt to match the user's email address with the SID found in the table for that particular record. If match, then show the form and allow a submission. If no match, bounce 'em!
Even if you have not already done this, you can add the column, fill it with NULLs, then write a VBScript that will update each record with a SID. Note that SIDs don't necessarily have to be unique in your table. It's hard enough to guess a 6-digit number for lotto! I usually make the SID 8 or 10 chars, unless it is something the user must manually type.
Case sensitivity is incorporated into the generation of the code, but you can UCASE or LCASE it just before you do the matching process. It probably won't matter unless you suspect people will tamper with the URL..
If you have multiple instances of a particular email address, then you'll have to be a little more creative.. Possibly, you could unify the SID on a per-email basis or use a "Users" table (with unique emails) for this purpose..
Any unique field that identifies the person in combination with SID will work.
If you're interested in the VBScript, PM me.
dim i, intNum, intUpper, intLower, intRand, strPartPass
' num = number of characters in SID
For i = 1 to num
intNum = Int(10 * Rnd + 48)
intUpper = Int(26 * Rnd + 65)
intLower = Int(26 * Rnd + 97)
intRand = Int(3 * Rnd + 1)
Select Case intRand
strPartPass = Chr(intNum)
strPartPass = Chr(intUpper)
strPartPass = Chr(intLower)
MakeSID = MakeSID & strPartPass