Go to main content

Navigation menu

Textpattern CMS support forum

You are not logged in. Register | Login | Help

  1. Index
  2. » How do I…?
  3. » best way for user to submit info via email.

Pages: 1

#1 2006-11-07 15:38:19

squaredeye
Member
From: Greenville, SC
Registered: 2005-07-31
Posts: 1,495
Website

best way for user to submit info via email.

I have a client who has asked for a submission form that requires no name or email address
ONLY a message box and submit button.

What is the best way to protect this form from incessant spamming, since the email field
would have been checking for mx info (I don’t know the technical term here).?

Should the email and name fields simply be hidden and given default values?

Any recomedations here?

:)

Matthew

Offline

#2 2006-11-07 16:29:07

jayrope
Plugin Author
From: Berlin
Registered: 2006-07-06
Posts: 687
Website Mastodon

Re: best way for user to submit info via email.

a message box (equals body of mail) only with a given receiver address, no sender and message title field:
shouldn’t be of any risk.
email injection happens especially in sender adress fields, where bot insert linebreaks and hide bdd adresses. the email standard cannot make a distinction between sender and receiver really, the body field is, to the extent of my knowledge, not affected by this.

see this wiki article
and this article and discussion

you should find check scripts (for illegal characters and linebreak insertion) via these.

Last edited by jayrope (2006-11-07 16:29:56)

A hole turned upside down is a dome, when there’s also gravity.

Offline

#3 2006-11-07 16:57:23

ruud
Developer Emeritus
From: a galaxy far far away
Registered: 2006-06-04
Posts: 5,068
Website

Re: best way for user to submit info via email.

MX checking is generally not done as an anti-spam measure. It’s mainly to catch typos. It’s easy to bypass for scanners, because anything-random@hotmail.com passes the MX check.

Try combining zem_contact_reborn with pap_contact_cleaner. The contact cleaner basically just adds an empty hidden form field. Visitors won’t see it. Robo-spammers will see it and fill the form field causing their submission to be rejected.

If you don’t require email/name fields, then don’t use them at all.

Offline

#4 2006-11-07 17:11:42

squaredeye
Member
From: Greenville, SC
Registered: 2005-07-31
Posts: 1,495
Website

Re: best way for user to submit info via email.

Ruud,
Jayrope,

That’s good to know…ahhh…I can feel my brain growing.

I will use zem_contact_reborn and pap_contact_cleaner then.

Cheers,

matthew

Offline

Pages: 1

  1. Index
  2. » How do I…?
  3. » best way for user to submit info via email.

Board footer

Powered by FluxBB