💾 Archived View for jacksonchen666.com › posts › 2023-09-26 › 20-03-29 › index.gmi captured on 2023-09-28 at 15:44:52. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
2023-09-26T20:03:29Z
Contact forms. You put in your email, subject, and message, then send. Works, right?
Yes. Very badly.
1. That's not going to stop spam bots. If you use HTML forms, you're not immune to attacks. I've been a victim of spam through HTML forms, and it wasn't even a contact form (although to the bots, it could've seemed like one).
2. The sender will never have that in their sent folder on their email account. That may be preferable by some, since it's possible to remove quoted contents of an email, and being able to see what you sent is helpful without the quotes (which by default is bloated).
To make sure they have a copy of the sent email in their sent folder, you would have to... You guess it, give them an email address! There's no way you could workaround that. The sent folder is special, because you cannot receive emails there.
3. An HTML form may not save. If you happen to reload the tab, close the tab, crash your browser, restart your browser, crash your computer, or something else, you lose your HTML form input.
Saving the contents of the HTML form may require JavaScript, which some of users may not get or may disable.
"How many people are missing out on JavaScript enhancement?" by Pete Herlihy
4. The user can't use their preferred email client. People do email differently. Force them to do it in a specific way (contact forms) and you're probably the insane person in the room.
5. You can't remove the Email address from Email. You'll still need it to reply, which means you have just given your email address away. You have not obscured a single thing, only caused more problems along the way.
6. You don't know how to validate email addresses.
https://www.netmeister.org/blog/email.html
I've just detailed many ways your contact form can suck. Now, how do we fix all of that?
My answer is: We can't. We delete contact forms and just give our damn email addresses, and setup proper spam filtering and stuff. More specifically:
1. Setup proper spam detection and filtering! What you have to do depends, but you may not have to do it in the first place.
2. Use Email aliases. Basically, you send and receive to an middleman email address, and you are that middleman email address instead of your real email address. Services like SimpleLogin, AnonAddy, and whatever DuckDuckGo has (note: would not recommend, sending email from alias isn't possible last I checked) could work.
I previously employed that approach, but no longer do now.
3. Use Email greylisting. Should note that not everyone may be fond of that idea, so everyone should be on board (everyone includes you, and everyone is everyone who is affected by that setting). Also, your email provider might not have that setting.
Greylisting (email) on Wikipedia
Of course, there might be more ideas, but I've ran out of them.
Does anybody actually put out their email address? Yes! People do put out their email address: