mail to or form?

Discussion in 'HTML' started by bowler, May 21, 2007.

  1. bowler

    bowler Guest

    Does the "mailto" code work in every country? Is it better to use a
    form if you are directing your page to Polish or other East European
    readers? I am not really an expert but I can make a basic page. I will
    have to figure out how to make a form if mailto isn't universal.
     
    bowler, May 21, 2007
    #1
    1. Advertising

  2. Gazing into my crystal ball I observed bowler <>
    writing in news::

    > Does the "mailto" code work in every country? Is it better to use a
    > form if you are directing your page to Polish or other East European
    > readers? I am not really an expert but I can make a basic page. I will
    > have to figure out how to make a form if mailto isn't universal.
    >
    >


    Mailto works if the user has an email client. Mailto does not work if
    the user only has web mail, is at an Internet cafe or library, or not at
    their own computer.

    Usually, when I make contact forms, I include an option to cc the sender.

    As an aside, I find it really bothersome when there is no email address
    listed for a company, and ONLY a form. There are plenty of email
    cleaning programs out there that can clean up any spam as a result of
    this.

    --
    Adrienne Boswell at Home
    Arbpen Web Site Design Services
    http://www.cavalcade-of-coding.info
    Please respond to the group so others can share
     
    Adrienne Boswell, May 22, 2007
    #2
    1. Advertising

  3. Adrienne Boswell wrote:
    > Usually, when I make contact forms, I include an option to cc the sender.


    Spammers must love you.
     
    Leif K-Brooks, May 22, 2007
    #3
  4. Gazing into my crystal ball I observed Leif K-Brooks
    <> writing in
    news:46526ef0$0$7128$:

    > Adrienne Boswell wrote:
    >> Usually, when I make contact forms, I include an option to cc the
    >> sender.

    >
    > Spammers must love you.
    >


    Actually, I've never had a problem.

    --
    Adrienne Boswell at Home
    Arbpen Web Site Design Services
    http://www.cavalcade-of-coding.info
    Please respond to the group so others can share
     
    Adrienne Boswell, May 22, 2007
    #4
  5. Adrienne Boswell wrote:

    > Leif K-Brooks wrote:
    >> Adrienne Boswell wrote:
    >>> Usually, when I make contact forms, I include an option to cc the
    >>> sender.

    >>
    >> Spammers must love you.

    >
    > Actually, I've never had a problem.


    One of the first lines of defense is to not use:
    contact.html/php/asp/whatever
    as your file name. Or: formmail.html/pl <g>

    I have one old site that uses contact.php, and a spammer regularly
    (about once a week) tries to abuse it. Normally, he tries to stuff bcc:
    addresses into a radio button field. <g>

    The rest of my sites do not use that word and have never been found.

    --
    -bts
    -Motorcycles defy gravity; cars just suck
     
    Beauregard T. Shagnasty, May 22, 2007
    #5
  6. bowler

    bowler Guest

    On May 21, 11:56 pm, Adrienne Boswell <> wrote:
    ..........< >...............
    > Mailto works if the user has an email client. Mailto does not work if
    > the user only has web mail, is at an Internet cafe or library, or not at
    > their own computer.


    I assumed that everybody who pays for a connection also gets their own
    email address. Do some people set up their system so webmail comes up
    when they click the mailto link?

    > As an aside, I find it really bothersome when there is no email address
    > listed for a company, and ONLY a form.


    ME TOO!
    > --
    > Adrienne Boswell at Home
    > Arbpen Web Site Design Serviceshttp://www.cavalcade-of-coding.info
    > Please respond to the group so others can share
     
    bowler, May 22, 2007
    #6
  7. Gazing into my crystal ball I observed bowler <>
    writing in news::

    > On May 21, 11:56 pm, Adrienne Boswell <> wrote:
    > .........< >...............
    >> Mailto works if the user has an email client. Mailto does not work
    >> if the user only has web mail, is at an Internet cafe or library, or
    >> not at their own computer.

    >
    > I assumed that everybody who pays for a connection also gets their own
    > email address. Do some people set up their system so webmail comes up
    > when they click the mailto link?


    Some people don't pay for a connection, for whatever reason, or their
    parents have the connection. For example, my friend pays for
    cable/Internet and uses only cable. Her 14 year old daughter uses
    Internet, but has only a Yahoo address.

    I have a Yahoo account (as you can see in the message header), and I use
    it because I don't have to worry about notifying everyone if I change
    service providers (talk about a PITA). I also have a email address from
    my service provider, but I rarely, if ever, use it.

    Webmail will not come up when clicking on a mailto link (unless you're
    using a propritary browser). The application that is configured for the
    browser will come up.

    --
    Adrienne Boswell at Home
    Arbpen Web Site Design Services
    http://www.cavalcade-of-coding.info
    Please respond to the group so others can share
     
    Adrienne Boswell, May 22, 2007
    #7
  8. bowler

    Cynode Guest

    On Tue, 22 May 2007 14:43:37 GMT, Adrienne Boswell <>
    wrote:

    >Some people don't pay for a connection, for whatever reason, or their
    >parents have the connection. For example, my friend pays for
    >cable/Internet and uses only cable. Her 14 year old daughter uses
    >Internet, but has only a Yahoo address.


    Yeah, I have 5 computers in my house, we have one email address from
    our cable company that no one uses (it's forwarded to my address, but
    in the two years i've had this ISP i've gotten maybe 4 emails, all
    from the ISP). Everyone in my house uses hotmail/yahoo type mail or
    our own domain mail.

    --
    If it keeps up, man will atrophy all his limbs but the push-button finger.
    ~Frank Lloyd Wright - www.cynode.com | (NSFW) www.cynbabes.com (NWS)
     
    Cynode, May 22, 2007
    #8
  9. bowler

    dorayme Guest

    In article <46526ef0$0$7128$>,
    Leif K-Brooks <> wrote:

    > Adrienne Boswell wrote:
    > > Usually, when I make contact forms, I include an option to cc the sender.

    >
    > Spammers must love you.


    Care to elaborate?

    --
    dorayme
     
    dorayme, May 22, 2007
    #9
  10. bowler

    dorayme Guest

    In article
    <>,
    bowler <> wrote:

    > > As an aside, I find it really bothersome when there is no email address
    > > listed for a company, and ONLY a form.

    >
    > ME TOO!


    Like sending personal information to a PO box address? Or like
    the unease some people feel in seeing women in Western countries
    in head to toe Burquas?

    --
    dorayme
     
    dorayme, May 22, 2007
    #10
  11. dorayme wrote:
    > In article <46526ef0$0$7128$>,
    > Leif K-Brooks <> wrote:
    >
    >> Adrienne Boswell wrote:
    >>> Usually, when I make contact forms, I include an option to cc the sender.

    >> Spammers must love you.

    >
    > Care to elaborate?
    >

    If you allow a fill in email where message can be CC'd your could put
    nice lists like:

    ;,...

    and then put their SPAMing message in message field

    "See Britney's ***** at http://www....."

    and your form is now used to broadcast SPAM, yum!


    --
    Take care,

    Jonathan
    -------------------
    LITTLE WORKS STUDIO
    http://www.LittleWorksStudio.com
     
    Jonathan N. Little, May 22, 2007
    #11
  12. dorayme wrote:

    > In article <46526ef0$0$7128$>,
    > Leif K-Brooks <> wrote:
    >
    >> Adrienne Boswell wrote:
    >>> Usually, when I make contact forms, I include an option to cc the sender.

    >>
    >> Spammers must love you.

    >
    > Care to elaborate?


    An unscrupulous person can fill in the form using a victim's address and
    have that "cc:" go to the victim. I'd also envision that the spammer
    would make a local copy of the form, and blast it at the "action" script
    with continuous submissions.

    --
    -bts
    -Motorcycles defy gravity; cars just suck
     
    Beauregard T. Shagnasty, May 22, 2007
    #12
  13. bowler

    dorayme Guest

    In article
    <emJ4i.31784$>,
    "Beauregard T. Shagnasty" <> wrote:

    > dorayme wrote:
    >
    > > In article <46526ef0$0$7128$>,
    > > Leif K-Brooks <> wrote:
    > >
    > >> Adrienne Boswell wrote:
    > >>> Usually, when I make contact forms, I include an option to cc the sender.
    > >>
    > >> Spammers must love you.

    > >
    > > Care to elaborate?

    >
    > An unscrupulous person can fill in the form using a victim's address and
    > have that "cc:" go to the victim. I'd also envision that the spammer
    > would make a local copy of the form, and blast it at the "action" script
    > with continuous submissions.


    Trying to get my head around these points. A spammer who already
    knows the email address of people can do all manner of things,
    what is so attractive to a spammer of a form that has a CC input?
    That he gets also to send info to the form's owner?

    Perhaps the penny will drop for me, but it is still early here.

    I have learnt something from this thread: that it is likely many
    people don't like a mere contact form without a proper email
    address as an alternative means of communication. And that there
    is some downside (which I don't fathom completely) to putting in
    a CC field.

    --
    dorayme
     
    dorayme, May 22, 2007
    #13
  14. dorayme wrote:

    > "Beauregard T. Shagnasty" <> wrote:
    >> dorayme wrote:
    >>> Leif K-Brooks <> wrote:
    >>>> Adrienne Boswell wrote:
    >>>>> Usually, when I make contact forms, I include an option to cc the
    >>>>> sender.
    >>>>
    >>>> Spammers must love you.
    >>>
    >>> Care to elaborate?

    >>
    >> An unscrupulous person can fill in the form using a victim's address
    >> and have that "cc:" go to the victim. I'd also envision that the
    >> spammer would make a local copy of the form, and blast it at the
    >> "action" script with continuous submissions.

    >
    > Trying to get my head around these points. A spammer who already
    > knows the email address of people can do all manner of things, what
    > is so attractive to a spammer of a form that has a CC input?


    Spammers never send from their own accounts. They use botnets of
    clueless Windows users; they use open relays on mail servers; and they
    use insecure web forms, where they inject bcc: lists. They forcefeed to
    get maximum output in the shortest amount of time, before the
    compromised source is shut down.

    In this case, there is already a cc: field so they can annoy anyone even
    if the form itself is secure.

    > That he gets also to send info to the form's owner?


    He doesn't care about that. Adrienne probably would, as soon as her
    Inbox filled up. :-0

    > Perhaps the penny will drop for me, but it is still early here.


    <tink!>

    > I have learnt something from this thread: that it is likely many
    > people don't like a mere contact form without a proper email address
    > as an alternative means of communication. And that there is some
    > downside (which I don't fathom completely) to putting in a CC field.


    The downside is spammers can use it. The upside is .. well, the poster
    gets a copy of hir submission to the web form, for the records.
    Personally, I don't think it is necessary, so long as the web site owner
    responds in a timely fashion.

    --
    -bts
    -Motorcycles defy gravity; cars just suck
     
    Beauregard T. Shagnasty, May 22, 2007
    #14
  15. bowler

    John Hosking Guest

    dorayme wrote:
    > In article
    > <emJ4i.31784$>,
    > "Beauregard T. Shagnasty" <> wrote:
    >
    >> dorayme wrote:
    >>
    >>> In article <46526ef0$0$7128$>,
    >>> Leif K-Brooks <> wrote:
    >>>
    >>>> Adrienne Boswell wrote:
    >>>>> Usually, when I make contact forms, I include an option to cc the sender.
    >>>> Spammers must love you.


    >>> Care to elaborate?


    >> An unscrupulous person can fill in the form using a victim's address and
    >> have that "cc:" go to the victim. I'd also envision that the spammer
    >> would make a local copy of the form, and blast it at the "action" script
    >> with continuous submissions.

    >
    > Trying to get my head around these points. A spammer who already
    > knows the email address of people can do all manner of things,
    > what is so attractive to a spammer of a form that has a CC input?
    > That he gets also to send info to the form's owner?


    No. The advantage is that the spammer can use the site owner's SMTP
    server to send all the spam for him/her/it. It (the spammer) doesn't
    need to obfuscate the source or routing of its spam messages, since
    they're all coming from the poor sap who put up the Web site with the
    sieve-like contact form. The recipients can't possibly determine the
    spammer's identity or location.

    --
    John
     
    John Hosking, May 22, 2007
    #15
  16. bowler

    dorayme Guest

    In article
    <g3K4i.31970$>,
    "Beauregard T. Shagnasty" <> wrote:

    > dorayme wrote:


    > > Trying to get my head around these points. A spammer who already
    > > knows the email address of people can do all manner of things, what
    > > is so attractive to a spammer of a form that has a CC input?

    >
    > Spammers never send from their own accounts.
    >


    Right, the penny dropped. It was a second cup of tea that helped
    too. Thanks B.

    --
    dorayme
     
    dorayme, May 23, 2007
    #16
  17. bowler

    dorayme Guest

    In article <46536fbf$>,
    John Hosking <> wrote:

    .... snip my q for obvious reasons of pride ...


    > No. The advantage is that the spammer can use the site owner's SMTP
    > server to send all the spam for him/her/it. It (the spammer) doesn't
    > need to obfuscate the source or routing of its spam messages, since
    > they're all coming from the poor sap who put up the Web site with the
    > sieve-like contact form. The recipients can't possibly determine the
    > spammer's identity or location.


    I guess I was thinking that spammers had no end of means of
    obscuring their addresses without realising that this form way
    with a CC is also a good one for them and has the advantage you
    mention.

    --
    dorayme
     
    dorayme, May 23, 2007
    #17
  18. Gazing into my crystal ball I observed "Jonathan N. Little"
    <> writing in
    news:9cce$46535e36$40cba7a4$:

    > dorayme wrote:
    >> In article <46526ef0$0$7128$>,
    >> Leif K-Brooks <> wrote:
    >>
    >>> Adrienne Boswell wrote:
    >>>> Usually, when I make contact forms, I include an option to cc the
    >>>> sender.
    >>> Spammers must love you.

    >>
    >> Care to elaborate?
    >>

    > If you allow a fill in email where message can be CC'd your could put
    > nice lists like:
    >
    > ;,...
    >
    > and then put their SPAMing message in message field
    >
    > "See Britney's ***** at http://www....."
    >
    > and your form is now used to broadcast SPAM, yum!
    >
    >


    That's where server side check is most important. Email addresses have
    to be a valid format. I can also do a mx check before the message even
    gets to the SMTP server.


    --
    Adrienne Boswell at Home
    Arbpen Web Site Design Services
    http://www.cavalcade-of-coding.info
    Please respond to the group so others can share
     
    Adrienne Boswell, May 23, 2007
    #18
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Curt_C [MVP]
    Replies:
    5
    Views:
    384
    Karim
    May 19, 2004
  2. me
    Replies:
    0
    Views:
    466
  3. Tim
    Replies:
    12
    Views:
    1,305
    kchayka
    Jul 15, 2005
  4. nauticalmac

    Mail insertion hack on Send Mail form

    nauticalmac, Dec 23, 2005, in forum: ASP General
    Replies:
    0
    Views:
    287
    nauticalmac
    Dec 23, 2005
  5. Ferrous Cranus
    Replies:
    42
    Views:
    483
    Ferrous Cranus
    Sep 6, 2013
Loading...

Share This Page