frank_conijn — 2011-10-31T13:33:01-04:00 — #1
felgall — 2011-10-31T14:01:19-04:00 — #2
mailto: only works inside the <a> tag in web pages and not with forms.
Expect about 1000000 times as much spam if you use mailto: as you get with a contact form as that's the first thing the spambots look for.
Also with a form you can use measures to block spammers after they start using the form. With mailto: once the spammer finds it the only solution is to delete the email address completely.
system — 2011-10-31T20:56:32-04:00 — #3
That is blatantly not true.
For starters, this works in my IE9
<form action="mailto:email@example.com" method="post" enctype="text/plain">
<input type="text" name="txt1" />
<input type="submit" name="submit" value="Send" />
When the send button is clicked, all the name/value pairs in the form are sent to the email address.
However, there are disadvantages to using mailto: including
1) Some older browsers don't support it
2) It requires the user to have an email client program installed on their computer and to have it configured to work with a POP mail account
3) The contents of the email are not encrypted for privacy.
frank_conijn — 2011-10-31T22:58:07-04:00 — #4
Expect about 1000000 times as much spam if you use mailto:
It requires the user to have an email client program installed on their computer and to have it configured to work with a POP mail account
I guess that's a compelling reason to keep using forms. Thanks. But just out of curiosity: would mailto:, whether used inside a form or as an <a> tag, work with all mail programs, also on Apples?
system — 2011-10-31T23:44:35-04:00 — #5
I would expect it would but I don't know for sure.
My understanding of how mailto works is that it sends a "message" to the operating system to startup whatever email client program it has set as the default email program. Whether it works this way in all environments I am not sure. Bottom line - imho it's better and safer to send emails from a server side script where it will work in all cases.
frank_conijn — 2011-11-01T13:37:11-04:00 — #6
Indeed. I might miss potential clients that are using web mail rather than a mail program.
stevie_d — 2011-11-01T16:35:32-04:00 — #7
As felgall says, there are ways to stop spam send through forms, but once an email address starts to get serious spam, it's dead.
That said, you can significantly improve the chances of the email address not being harvested by using @ instead of @ in the text link and the mailto address.
There are pros and cons of both mailto links and forms. Ideally you would offer both, and put suitable security measures and filters in place.
If you only use mailto links then you are ruling out anyone who isn't at their home computer, and a fair number of people who are. Anyone who doesn't have an account (that they want to use) configured on the default mail client will be unable to contact you. That includes anyone at a library or internet cafe, anyone who is borrowing a friend's computer, a significant proportion of people using mobile phones and anyone using their work computer who doesn't want to use their work email.
Do you really want to lose such a large proportion of potential contacts?
If you only use forms then you rule out people who are too inept to type their email address in correctly. That turns out to be a frighteningly high number. You also annoy people who like to keep a copy of all emails they've sent, although that's less of a big deal.
system — 2011-11-01T17:23:59-04:00 — #8
"large proportion" compared to what? Can you quote the source of data you used to arrive at your opinion the proportion of users would be large?
stevie_d — 2011-11-01T17:50:49-04:00 — #9
system — 2011-11-01T17:58:03-04:00 — #10
In the absence of supporting data, I am not convinced it will be a "large proportion" although obviously some potential contacts will be lost.
stomme_poes — 2011-11-02T05:02:02-04:00 — #11
Mailto links are retarded, and don't work on my machine (after Evolution did a final, spectacular crash, I removed it from my computer entirely... what a worthless steaming pile of code that is), I highlight the link and copy it, and paste into my mail editor. Problem solved. I do hate accidentally clicking on the things though. Annoying.
In the absence of supporting data,
zot — 2011-11-02T08:08:30-04:00 — #12
Yes, it works in my mail program on my mac.
nayen — 2011-11-03T03:33:27-04:00 — #13
I have no idea how spam messages are sent through forms but my guess will be the use of id or name attributes in the form elements. Wouldn't it help to fight spammers if you use unique attribute names other than the mostly used "name, email, message, submit" type of words?
stomme_poes — 2011-11-03T10:15:06-04:00 — #14
ademmeda: have you heard of a honeypot?
Your back-end script processing the form either dumps forms where that input is filled in, or sets those aside so you can check them later, whatever you make it do.
Won't stop human spammers using a JS-enabled and/or CSS-ready browser though. Those get askime or whatever it's called.
ralphm — 2011-11-03T10:45:56-04:00 — #15
Unfortunately, there's no surefire way to stop spam. Encoding the mailto link may help a bit, but it won't stop spam entirely. If nothing else, there are individuals out there who visit sites and send spam through forms or grab the visible email address and add it to a spam list. As mentioned, a form with a honeypot (a hidden tripwire field that a bot will fill in) does a good job, but it won't stop individuals posting spam through your form. The internet is a playground for scumbags, and you can't avoid them unless you keep away from the web entirely.
vlinder — 2011-11-05T15:26:42-04:00 — #16
yes, it will work with all the mail applications. Of cource it will not work with webmail applications.