tags:

views:

29

answers:

2
+3  Q: 

"Send Email" functionality for public web-site

Hello everybody.

Public web-site provides list of employees to Internet visitors. Contact information is hidden but visitor can send email via popup email-form.

What do you think about automated-scripts/viruses/bot spam activity? Is Capture a "must" for this functionality and what kind of precautions can you suggest also?

Thank you in advance

A: 

A CAPTCHA is probably good idea -- just to avoid messages from dumb bots probing out your form. Without one, your users will probably end up getting a bunch of annoying messages.

Other than ensuring that it's actual person submitting the form, there's not much else that comes to mind.

timdev  2010-05-10 03:53:09
Thank you, but how smart are modern bots? For example if I use jquery/ajax code to show popup dialog do they smart enough to parse this?If I have postback form address - what's the best way to prevent (or minimize) "bad persons" intention to automatically send post request with email data via automated script (not a form).
Andrew Florko  2010-05-10 03:59:58
Generating the form dynamically via Javascript could be a very smart way to fool most bots out there. If the <form> tag doesn't appear in the page source directly, I suspect bot's (generally speaking) won't find it. Good thinking!
timdev  2010-05-10 04:12:05
I'm not going to construct full html form layout programmatically, just going to load it with ajax :) Anyway, thank you for your answer.
Andrew Florko  2010-05-10 06:55:44
+1  A: 

It may be worth considering some basic obfuscation: use non-standard names for your form fields (e.g. don't just use "subject", "submit", etc). The less your form resembles a standard email submission form, the less likely standardised scripts will work for it. Of course, this will not stop a determined spammer. You might also want to prevent the email submission page from being indexed by search engines to make it harder for the spammers to find in the first place.

I would also say that a captcha (or recaptcha) is very important.

seancarmody  2010-05-10 04:02:49
Thank you for the most detailed answer.
Andrew Florko  2010-05-10 06:54:37

related questions

Autosizing Textarea
Regular expression for parsing links from a webpage?
What are good tools for creating compiled HTML help files (.chm)?
Looking for WYSIWYG HTML editor
Any reason not to start using the HTML 5 doctype?
HTML comments break down
HTML Comments Markup
Setting a div's height in HTML with CSS
Wrapping lists into columns
Is a "Confirm Email" input good practice when user changes email address?
<XMP> Tag
HTML version choice
Options for HTML scraping?
How do you disable browser Autocomplete on web form field / input tag?
How do I make a checkbox toggle from clicking on the text label as well?
Html CSS Editor
Wordpress theme development offline tools
How do I give my web sites an icon for iPhone?
In HTML, how to word-break on a dash?
Detecting font in JavaScript
How do you test layout design across multiple browsers/OSs?
How do I print an HTML document from a web service?
Multiple submit buttons on a HTML form
How can I determine a web user's time zone?
Why doesn't the percentage width child in absolutely positioned parent work in IE7?