Need dummy-proof contact form

I have waded through so many threads on creating a contact form and I am further from any sense of clarity. I have a site started with siteground using FW Pro 4 and I’d like to put a contact form on the site. Currently, the site is getting spammed on its current host with just an Info@… email address. Maybe when the site is changed, that won’t be an issue (??). This is the reason for the contact form - hoping it would be a better control on spam as well as looking a bit nicer on the website instead of the email contact.

any help for this web newbie ?

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Hi Beatrice,

You can set up a form very simply by using the PHP easiForm actions,
there is even a Freeway tutorial to walk you through it, in fact it is
so simple 99% of it is just applying the actions. The only thing out
of Freeway you will need to do is to upload an ‘ioncube’ folder to
your home directory.

1# Upload the ‘ioncube’ folder that comes with the ‘PHP easiForm’
action suite download option 1# from the download page"
http://www.easibase.com/freeway/freewayactions.php

You will need to do this with an ftp client such as Fetch or Transmit.

2# OK, onto the dummy-proof stuff, make a thanks page and give it a
name of thanks.html

3# Make a new page in Freeway for your form if not done so already and
add a ‘PHP easiForm’ page action to it, now name the form contact.php
(or something else but ending in .php).
4# Add the various elements you need on the form plus a submit button
5# Name all the elements, i’e’. name, email, message (Just name then,
PHP easiForm will do the rest).
6# Add a ‘PHP easiForm Elements’ item action to each of your forms
elements including the submit button.
7# Add an HTML item just above the form elements and the with it
selected add a ‘PHP easiForm Errors’ item action to it, add a style to
it while it is selected and this way the error text that is shown when
a user makes a mistake will have that style.
8# Select the page and in the ‘Actions’ window (Open this if not open)
enter the e-mail address the form is to be delivered to, in the
‘Required fields’ field of the action window type the required element
names that you want the user to fill in before the form can be
sent,for example. name,email,message
9# In the same ‘Actions’ window select the thanks page you created
from the ‘Success page’ menu

9# Publish and use Freeway to upload to your server.
10# Open the form URL in a browser and test your form.

If you select ‘Advanced’ in the actions window for the ‘PHP easiForm’
action then you will have their options such as, have a confirm email
sent to the user also, block emails with certain words etc. etc.

If all is working to your liking then when you purchase the license
you will be sent a license file that you upload to any folders on your
server where you have forms created with easiForm and the demo alert
will be removed.

The tutorial is at:
http://www.easibase.com/freeway/freeway_form.php

I don’t know if you have followed it but if you have maybe you can
contact me and tell me where you are having problems.
Contact me from the contact page on the above site if you get stuck
and I will guide you through.

Hope this helps
Mike

On Jan 5, 2008, at 4:31 AM, Beatrice wrote:

I have waded through so many threads on creating a contact form and
I am further from any sense of clarity. I have a site started with
siteground using FW Pro 4 and I’d like to put a contact form on the
site. Currently, the site is getting spammed on its current host
with just an Info@… email address. Maybe when the site is
changed, that won’t be an issue (??). This is the reason for the
contact form - hoping it would be a better control on spam as well
as looking a bit nicer on the website instead of the email contact.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

If the spammers knows your domain name, they can throw all the popular email names info@… sales@… steve@ john@ something will get through eventually. info@… might be deemed as the most obvious to try.

On 5 Jan 2008, at 3:31 am, Beatrice wrote:

Currently, the site is getting spammed on its current host with just an Info@… email address.

David Owen ::
Freeway Friendly Web Hosting and Domains
http://www.PrintlineAdvertising.co.uk/freeway

Sometime around 5/1/08 (at 12:40 +0000) David Owen said:

If the spammers knows your domain name, they can throw all the
popular email names info@… sales@… steve@ john@ something will
get through eventually. info@… might be deemed as the most
obvious to try.

My thoughts too. Try something less obvious, anything from inform@ to
sneakysecrets123@! Just anything that wouldn’t be on a shortlist of
possible email names.

As this is a form-driven thing it really doesn’t matter at all; the
user never sees the address itself. Unless they can see the form
source in some way, and that shouldn’t be done these days. (So much
for the file-efficiency of self-submitting forms, eh?)

k

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

On 5 Jan. 2008, 11:40 am, Printline/ineedwebhosting wrote:

If the spammers knows your domain name, they can throw all the
popular email names info@… sales@… steve@ john@ something will
get through eventually. info@… might be deemed as the most obvious
to try.

On 5 Jan 2008, at 3:31 am, Beatrice wrote:

Currently, the site is getting spammed on its current host with
just an Info@… email address.

Spammers ‘generally’ work in different ways ‘from what I have experianced’, they can take a domain and fire out emails using addresses of any configuration they can think of for that domain… basically just as you mention. If the server account is set up to have one email address only and then to bounce or fail on all others than maybe this is the case. There is not much you can do about this as there is no protection anywhere that stops them from actually doing it. If your server account is set up with a catch all then generally you will know this is happening as you will get flooded every so often with ‘Spam returned’ and ‘No user address here’ or similer emails as the accounts the spam is sent to is either bounced back to your address or returned as the address does not exist. Even with the one info address you should see the consequences of this type of spam being performed.

If the info@ has been used on the web site as Beatrice mentioned then it is probably cert that the address was picked up by a bot or some first stage spammer picking up addresses from web sites. There are many types of spammer out there, not just ones that do things the obvious way.

I have found the simpler way to combat many types of spam is to add a contact form with a new address, try and use it as the prime means of contact if possible, do not display the email on the site and reply to the address used in a confirmation is the one entered by the person who sent the form from the web site.

At the end of the day, there is not an easy way to combat spam totally and no way to combat the consequences of it at all, but there are ways of making it more difficult and hopefully so receiving less.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Mike B - I did look at those instructions before but I wasn’t clear if I could test it before buying a license. But I think I get it now - thanks, I’ll give it a-go over the next week I hope.

As for the email spam, thanks for the information here. It was enlightening. I am guessing that I can just eliminate the “info” email addy, but my sister tells me that even with her main contact address was changed due to email, she was still flooded with spam. So it sounds like the entire domain name was picked up somehow. Since we are changing host servers, would this problem go away or continue on the new host? Or would it be okay if I get some creative email address instead of the basics as mentioned?

Is it my understanding that it is NOT a good idea to reject emails that come in with an erroneous address then? Say, someone tries at info@…com and that doesn’t exist so the server sends back the message to say it doesnt exist. Is that a good thing? Or is it better to setup emails to forward them to another “junk” email addy I could setup? Or would that fill with junk?

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Hi Beatrice,

On Jan 5, 2008, at 7:00 PM, Beatrice wrote:

Mike B - I did look at those instructions before but I wasn’t clear
if I could test it before buying a license. But I think I get it now

• thanks, I’ll give it a-go over the next week I hope.

Yes you can play with t until your hearts content, if you feel it is
for you then you can register it and get rid of the alerts. I had
major problems with spam to some domains and this prompted me to write
easiForm, I looked at the measures for preventing web forms from being
used to spam with and implemented what was logical and simple to use
on most servers, the scripts have helped me, and others have reported
the same.

This will not stop people who have already got your address or who
send bulk spam from invented addresses on your domain, from what I
would guess a 9mm would seem to be the only way of stopping them!

If you have any problems or question just ask.

As for the email spam, thanks for the information here. It was
enlightening. I am guessing that I can just eliminate the “info”
email addy, but my sister tells me that even with her main contact
address was changed due to email, she was still flooded with spam.
So it sounds like the entire domain name was picked up somehow.
Since we are changing host servers, would this problem go away or
continue on the new host? Or would it be okay if I get some
creative email address instead of the basics as mentioned?

If your email addresses are being used for spam on this server then
changing servers won’t stop the spammers, they have nothing to do with
server, you will just be locating your domain to another computer
(server). Some servers off cpanel or other control panel wich
generally comes with anti spam apps like spam
assassin, everything like this you can get access to will help, it
won’t stop them from sending spam when they have ot invent addresses
but it will help deal with the spam that is sent.

Is it my understanding that it is NOT a good idea to reject emails
that come in with an erroneous address then? Say, someone tries at
info@…com and that doesn’t exist so the server sends back the
message to say it doesnt exist. Is that a good thing? Or is it
better to setup emails to forward them to another “junk” email addy
I could setup? Or would that fill with junk?

Personally I set my email filering on the server to :fail:
This just deletes messages that are not sent to an existing address,
you can set it to bounce messages but to be honest I don’t see the
point of sending this rubbish anywhere, if it is not sent to the
correct address have it deleted. This is best set up on your server if
you have access to do that, if not then talk to your isp, chances are
that this is how it is set up.

Setting up filters on your mail application still means it is
downloaded and has to be dealt with, thats why it is best to deal with
it before it gets to that stage… if possible.

Hope this helps

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Mike - I set up a form!! Yeah - I ran it the first time and it went smooth ---- BUT, the Thank you page did NOT load - only a white page with the demo info at the top!! now when I try to access the page again, it wont load - I only get that white page! Where did I go wrong?

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Hi Beatrice,

What does the demo alert say… exactly?

Mike

On Jan 5, 2008, at 8:48 PM, Beatrice wrote:

Mike - I set up a form!! Yeah - I ran it the first time and it went
smooth ---- BUT, the Thank you page did NOT load - only a white page
with the demo info at the top!! now when I try to access the page
again, it wont load - I only get that white page! Where did I go
wrong?

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

When I click the submit button I get this and the page is white - no thank you page - BUT the email data is going through.

Alert! This form is running a demo copy of easiForm, a license is needed to remove this alert.
Visit the www.easibase.com web site to purchase your easiForm licence for: serv01.siteground150.com

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

When I tried to drag/drop the link from Firefox to Safari I got this message:

Safari can’t open the page.
Safari can’t open the page “http://…/contact.php” because the server unexpectedly dropped the connection, which sometimes occurs when the server is busy. You might be able to open the page later.

It would appear I only get ONE shot at filling out the form and then it locks up. I did it once in each browser and it went. I tried to clear the cache - no deal. White screen only.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

OK, this is because the form is running without a license, you should
get an email if you have set the correct email address in the action
window.

Basically what happens is when the user has used the form by entering
the required fields easiForm will check if there is a license, if
there is not it will send the email but not divert to the thanks page,
it will just show an alert.

Guess I should make this alert more informative.

Mike

On Jan 5, 2008, at 9:18 PM, Beatrice wrote:

When I click the submit button I get this and the page is white - no
thank you page - BUT the email data is going through.

Alert! This form is running a demo copy of easiForm, a license is
needed to remove this alert.
Visit the www.easibase.com web site to purchase your easiForm
licence for: serv01.siteground150.com

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

getting spammed on its current host with just an
Info@… email address. Maybe when the site is
changed, that won’t be an issue (??). This is the reason

Have you thought about using a formmailer (the software that resides on your server sending the form input to you) that has some security features built in ?

You either may use a captcha-supporting formmailer (“please type in the chars from above image”) or simply a multi-page formmailer that requires your users to proof-read their form input and confirm sending it on a second page. Or you could also “force” people to mark a checkbox before the form submission is accepted.

Many options

I can recommend (not just since I’m the developer of, but use it myself PowerForm. It’s a formmailer that can hide your e-mail address and offers all above mentioned security featuers (except the captcha one). And it should be no matter to get it to work with Freeway.

You may check it out further at TOBIAS EICHNER IT + CONSULTING - Information Technology Is Our Universe ! . Of course, if you later have questions about Freeway implementation, it’s no problem to get support for this as well from me.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options