E-mail in the source : a no-go? - html

I have a contact form where the email is actually accessible in the source, because I'm using a cgi file to process it. My concern are the mail crawlers, and I was wondering if this is a no-go and I should switch to another more secure form. Or, if there was some tricks to 'confuse' the crawlers ? Thanks for your ideas.

If you're putting the destination address of the email in the HTML form, then not only is it a problem for mail crawlers, but spammers will use your contact form for spamming other people. All they would have to do is submit the same form with a different address in that field, and your mail server will happily send their message to a third party. You do not want to do this, as your server will quickly become blacklisted for sending spam.

If by source you mean the HTML source, then absolutely that's a problem. Can you edit the cgi file to hardcode it there?

I always convert the characters of email addresses (including the mailto statement if applicable) into character entities. This seems to work nicely, I have yet to receive automated spam on certain email addresses which are available in this manner on different websites. This converter illustrates what I mean.

Yes, you should avoid that to minimize spamming.
An easy way would be to just obfuscate the e-mail, replacing . with -dot- and # with -at- etc.
If a human needs the address, he knows what that he has to perform
If your CGI script takes this address as input, it has to de-obfuscate first, reverting all obfuscations.

Related

Data sent to email on HTML form submit

I want to create a feedback form where the users input data and when they press submit button, all the data entered is received by the admin at an email address which has been predefined in the code.
i don't want to use "mailto" as it opens another service. Is there any way to send data to email through the HTML form itself?
Forms send data to the URL specified in the action attribute.
mailto: URLs, which you have sensibly ruled out, are highly unreliable.
The only other kind of URL which can be usefully used is an http(s) URL where it is then processed by server side code.
If you want to send the emails to a different address then you need to change the server side code so it doesn't use a single address.
After a lot of research, I have decided to use https://formsubmit.co for this purpose. The details are present in their documentation.
It was exactly what I wanted, and completes my requirements. Thank you to everyone for their help.

Auto-fill gmail BCC line based on To field

I am trying to augment my CRM that I have. The high level problem is that I've to enter multiple email addresses every time I want to write a message. This becomes a particular problem when replying to a message and forgetting to enter a special BCCed email address. I'd like to not have to remember to do that. I want, when I am using gmail, for an address in the To/CC line to trigger an auto-population of an address in the BCC line.
Here is how I think I would do this now:
My idea is to do, implement a map/dict/whatever by using two columns in a google spreadsheet (sheet) document. (Using the sheet means an easy visualization to my dict and an easy ability to share with permissions etc.)
The first column would be the To/CC email address and the second column would be the auto-populated BCC email address.
Then I'd like to have code run on my computer that allows me to use gmail as you would without having to think about whatever will automatically go into the BCC field. (Bonus points for figuring out a way for me to code something up that allows me to not have to think about this when sending email from the gmail app on my iPhone.)
It may seem from my abstract description that I would need to hire someone to do this but I know I can code this myself. I just need to be pointed to the correct APIs and be notified of any gotchas that I should avoid.
Currently I was going to write a google contextual gadget to handle auto populating the field. Is that the best way? Or is a greasemonkey/whatever script better? What is the general approach I should take to tackling the problem?
To fix the phone/other-email-frontend problem would a Google Apps Script that acts like a cron job to check the most recent sent emails and if they don't have the proper bcc then just forward those emails with an appropriate bcc be reasonable?
Basically, am I off base or on track with my solution? If I am on track give me a bit more information on appropriate plan of attack. If I am off base then point me in the right direction.
I would appreciate your help.
I don't think you are going to be able to do this inside of gmail. You could save a bunch of Drafts with the correct BCC emails, and put the TO: email in the subject line so that you could see who that draft was meant for, then change the subject line.
You could have a dialog box in your spreadsheet that you designed to look like an email compose screen. That would be the most straight forward approach. You could have a stand alone App, that had an input screen that was designed to look like an email compose screen.
Basically, you'd need to design your own user interface rather than using gmail. But the gmail compose window isn't anything very complicated, so if it's just a plain text email, it should be easy enough.
Your question would be more understandable with a concrete example of the problem (I'm not sure I entirely understand it). But Gmail supports mailto: URLs quite well. Perhaps that is the answer to what you want to do.
There are various scripts to help you generate a mailto: the way you want, so have a look at something like http://sislands.com/coin70/week6/mailtoCreator.htm

Can we send mail using HTML static page

i have made a static site with only html static pages but now i want a contact us from where in one can recieve the info entered by user via mail.so, basically i want to know whether i can send email using HTML like using javascript or something if yes then please help.
You can't send an email with just HTML (From the Front-End) unless you don't mind interacting with a third party service provider which can do the back-end process for you.
Otherwise, you need to use the Back-End, the most common and easiest way to do this is with PHP.
Your "send mail" code would ultimately have to execute on the server, which requires a postback from the HTML page, but the HTML page (or its (script) contents) can't (and shouldn't, even if possible) use local (the user's) settings and facilities to send email.
NO! JavaScript can’t email a form! but, there are alternatives to send the form data to an email address.
PHP mail() function is the best in my eye. Read more about it here: PHP mail() function

browsers mailto issue?

i have an application that has to return emails to a user with his email client, but in some cases I have to pass around 1000 emails.
I'm using mailto on href, something like this:
mailto:info#useremail.com?bcc=email1#test.com,email2#other.net,anotherone#dfsf...
Why am I returning to his email client instead using PHP mail() function?
Because the user sender email depends on which computer he is using, and he needs to archive thoose emails.
The problem:
Some browsers, if the email list is bigger than X, it won't send to his preferred email client.
You could output the full BCC list and ask the user to copy-paste it in. But maybe you should just rethink your entire strategy if you want to pass thousands of e-mail addresses to a user.
That's because the length of a GET request (and such a link is a GET request) has a maximum. On some browsers it might only be 2083 characters. So any email address behind that limit will not be send to the client email program. And thousand of email adresses will break the limit.
For anything other than a simple mailto:address with no parameters, mailto: URLs are massively unreliable and should be avoided. URL-length issues are only the beginning.
on some cases i have to pass around 1000 emails...
Even if a mailer could cope with getting the URL, a user's residential ISP is unlikely even to allow them to send that.
Give up. Send the mails yourself from PHP. Send a copy to the user for the archival purposes.
Passing a user thousands of email addresses is very unusual.
Generally, a more typical application would use PHP mail() on the server side, and then allow browsing the archives of whatever notifications have been sent out. The mail stays on and is sent from the web server, but allows the user to see what's gone out in the past.
On the minus side, that's a good bit more code, but probably the only way to fix the problem you're having; mailto: wasn't meant for large volume.

html form within mail client

Ok, get this.
I have been assigned to write an html form to be EMAILED to clients so that they can fill it in and submit it FROM THE EMAIL CLIENT! apparently emailing a link to the existing form on our website is not good enough.
I am still trying to get my head around this as it seems almost void of common sense, but anyways, my guess is that I will have no way of validating data, and if actually works, how will the user know? WTF?????
Get this, They will be emailing both a pdf and an html doc to clients, I tried putting my case forward but apparently the marketing pro's say IT IS POSSIBLE AND MUST BE DONE, WORKING BY FRIDAY!
This is not a good idea on many fronts:
Not all email clients will support a form post from HTML
see: http://www.campaignmonitor.com/blog/post/2435/how-forms-perform-in-html-emai/
No clientside validation
What's exactly wrong with a link?
How are you getting data from PDF form submission? You can get expensive form tools from Adobe: http://www.adobe.com/government/forms.html
Some spam / av checkers will dispose of form based emails.
There are only two possiblities: first one the mail client must have a php runtime environment to run the php script locally, also an embedded mail server - which isnt the case for the most of them. Second one is that your mail client acts like a browser and displays the form (which is located still on the internet) in his mail viewing window (which is perhaps possible but i dont know any common mail client doing this).
So you either submit a link to the form or you construct the mail this way, that there're placeholders to be filled and submitted like a normal mail response.
This idea is plainly wrong. You're creating a phishing vector for your company which could expose them to huge legal liability. Just ask them how much money they are going to be putting into the legal defense fund in order to pay out for the lawsuits they are going to lose.
An adobe pdf server is about the only reasonable method for doing this, but that takes lots of cash and work on your network to support a new type of server.
It's generally bad idea. Most email clients only allow limited HTML, with limited CSS and without any JavaScript at all.
See: http://www.sitepoint.com/code-html-email-newsletters/
Many mail clients will not allow submitting any form (at least with standard security settings).