Highlighted

How are most of you adding 'mailto' links these days?

Contributor ,
Sep 24, 2018

Copy link to clipboard

Copied

I don't code on the regular anymore, and need to add a simple "click here to contact" button (png) on a page. Wasn't sure how developers were protecting their addresses from easy harvesting in 2018, or if they were even still bothering anymore. (Are they?)

I'd be open to anything that doesn't require more than regular ul/dl ftp access to the web server.

Thanks.

Views

937

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

How are most of you adding 'mailto' links these days?

Contributor ,
Sep 24, 2018

Copy link to clipboard

Copied

I don't code on the regular anymore, and need to add a simple "click here to contact" button (png) on a page. Wasn't sure how developers were protecting their addresses from easy harvesting in 2018, or if they were even still bothering anymore. (Are they?)

I'd be open to anything that doesn't require more than regular ul/dl ftp access to the web server.

Thanks.

Views

938

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Sep 24, 2018 0
Adobe Community Professional ,
Sep 24, 2018

Copy link to clipboard

Copied

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 24, 2018 1
Adobe Community Professional ,
Sep 25, 2018

Copy link to clipboard

Copied

It's an easy solution sure, but there's no way that hasn't been defeated, many, many times over, since it was created in 2003. It still uses mailto: in the source code and then converts each letter of the address to another set of "known entities". It may be better than nothing, but only just.

@Under S.,

The best way to protect your email address is to never allow the user's browser (or a email harvesting bot) to see it. Use a server-side "Form to Email Script". That way, the email address is safely stored on the server and completely unknown to the browser or bot. The user fills in a small form, hits send and the server processes the data then sends it to the correct email address. You can put additional security of Captcha or equivalent for real person verification steps in if you like, but even if you don't, and you get a few spam submissions, the actual email address is still unknown to bad actors.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 25, 2018 1
Contributor ,
Sep 25, 2018

Copy link to clipboard

Copied

The reason I didn't want to implement a form was because this is a simple single landing page offering 2 options : a PDF file (containing product list and photos) and an email link. The PDF file would've opened inside the browser or saved to disc, depending on how the user opens it. The email link would've spawned a blank pre-addressed email. In other words, there is no 2nd page to this website.

I wouldn't mind the form idea if it was presented as an overlay instead of being called as a 2nd page. In other words, when clicking email, the form slides into view (over everything). And upon hitting send, it slides back out. This would work on both desktop and mobile.

I don't suppose you have something similar to recommend?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 25, 2018 0
Adobe Community Professional ,
Sep 25, 2018

Copy link to clipboard

Copied

The blank pre-addressed email will only appear IF the user has an email client installed and set up on their computer. A great many people online no longer do, especially those using services like Gmail. When those users click a mailto: link, absolutely nothing happens.

What you're describing is pretty standard these days. Most form to email services already set the forms up in a modal window. All the website owner needs to do is copy and paste a few lines of code to their page in the designated location. 

www.constantcontact.com is one of those services.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 25, 2018 1
LEGEND ,
Sep 25, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/Under+S.  wrote

I wouldn't mind the form idea if it was presented as an overlay instead of being called as a 2nd page. In other words, when clicking email, the form slides into view (over everything). And upon hitting send, it slides back out. This would work on both desktop and mobile.

This is a 'modal' that you are referring to.  If you are using any kind of CSS library like Bootstrap or W3 CSS, it's simple to do, and it means submitting the form via AJaX in the background instead of actually submitting the page which will 'refresh' the page.  So a combination of CSS and JavaScript will take care of it.

V/r,

^ _ ^

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 25, 2018 1
LEGEND ,
Sep 25, 2018

Copy link to clipboard

Copied

I totally agree with Jon Fritz II​ on this.  NEVER use a mailto link.  And no matter how anyone tries to obfuscate it, it isn't obfuscated to a machine.  It can always be undone - in fact HAS to be undone in order for the mail server to know where to send it to.

Modal or no modal, a simple form that keeps the email address hidden is the only way to keep the email address from being harvested that will allow the user to send an email to the webadmin, or whomever the email is intended for.

V/r,

^ _ ^

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 25, 2018 1
Adobe Community Professional ,
Sep 25, 2018

Copy link to clipboard

Copied

I don't use Mailto links, ever. 

A while back, spammers got hold of my e-mail address and used it inside the return headers of their spam mail campaigns.   Eventually, my e-mail was blocked for spamming and I had to shut it down.  The only way to protect yourself is to use a scripted contact form.  If you can't create one yourself, use a 3rd party service like Wufoo.com or MailChimp.  Then embed their code inside your HTML document.

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 25, 2018 1
Contributor ,
Nov 18, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/Nancy+OShea  wrote

I don't use Mailto links, ever. 

A while back, spammers got hold of my e-mail address and used it inside the return headers of their spam mail campaigns.   Eventually, my e-mail was blocked for spamming and I had to shut it down.  The only way to protect yourself is to use a scripted contact form.  If you can't create one yourself, use a 3rd party service like Wufoo.com or MailChimp.  Then embed their code inside your HTML document.

My hosting service openly recommends using Formspree in their knowledge base. I figure they must have some kind of deal with them for such a targeted recommendation.

I would, however, feel more secure using a local script, than one that has its contents verified by a 3rd party at every process. I realize that almost everything that goes through the internet is a privacy risk, but isn't this just asking for trouble long-term? If you pros tell me there is virtually no downside to using Formspree for a low-traffic website, I'll probably do it just for the convenience.

But if a local script is better, I would appreciate any recommendation you may have (especially if the installation instructions are simple).

(I more or less finished the website since this thread was active, saving the contact form for last, ie now.)

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 18, 2018 0
Adobe Community Professional ,
Nov 18, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/Under+S.  a écrit

But if a local script is better, I would appreciate any recommendation you may have (especially if the installation instructions are simple).

well this pieces of classes are pretty well adapted to every context... and really easy to use and set... plus there is a class.smtp very usefull... GitHub - PHPMailer/PHPMailer: The classic email sending library for PHP

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 18, 2018 0
Contributor ,
Nov 18, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/B+i+r+n+o+u  wrote

well this pieces of classes are pretty well adapted to every context... and really easy to use and set... plus there is a class.smtp very usefull... GitHub - PHPMailer/PHPMailer: The classic email sending library for PHP

At first glance, these instructions seem tailored for PHP experts. I'm more of a designer that picked up HTML/CSS along the way and relies on "for dummies" scripts for everything else (all my pages are PHP, but mostly because I like using PHP includes and variables, literally the only thing I know to do in PHP on my own).

I've used form scripts that were tailored for dummies back when I started, years ago (that tell you exactly where every piece of code goes) but I wouldn't even know where to begin with this one.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 18, 2018 0
Adobe Community Professional ,
Nov 18, 2018

Copy link to clipboard

Copied

I completly understand what you said... and before sending this previous link I knew that too... but believe it or not... as I said previously it's really pretty easy to used... and that's why I gave you this link

so that said....

on the github you will find plenty examples adapted to real life needs when sending mail

PHPMailer/examples at master · PHPMailer/PHPMailer · GitHub

from there... you can try a real easy one ... first just sending and email from PHP

PHPMailer/sendmail.phps at master · PHPMailer/PHPMailer · GitHub

then try a contact form

PHPMailer/contactform.phps at master · PHPMailer/PHPMailer · GitHub

anyway, if you google on this subject (phpmailer examples), you'll find a lot of tutorial around there... as

How to Send with PHPMailer – Mandrill Knowledge Base

https://blog.teamtreehouse.com/sending-email-with-phpmailer-and-smtp

https://alexwebdevelop.com/phpmailer-tutorial/  (if this link give you a commercial, you'll find a closing cross on the top right of the covering layer....

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 18, 2018 0
Adobe Community Professional ,
Nov 18, 2018

Copy link to clipboard

Copied

See my Reply #5 in this related discussion from yesterday.

Contact form issue and question.

I have no experience with FormSpree but I greatly dislike that they leave your e-mail address exposed to robot harvesters.  

<form action="https://formspree.io/your@email.com" method="POST">

For that reason alone, I would not use their service.

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 18, 2018 1
Adobe Community Professional ,
Nov 18, 2018

Copy link to clipboard

Copied

If obfuscating email address be sure to include the 'mailto:' bit for obfuscation too.  The safest approach though is using a php script/web form that doesn't expose the email address.


Paul-M, ACP - www.webspectrum.co.uk

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 18, 2018 1
Adobe Community Professional ,
Nov 18, 2018

Copy link to clipboard

Copied

Here's a simple PHP obfuscation solution:

<?php

function protectMail($s) {

    $result = '';

    $s = 'mailto:' . $s;

    for ($i = 0; $i < strlen($s); $i++) {

      $result .= '&#' . ord(substr($s, $i, 1)) .

        ';';

    }

    return $result;

  }

?>  

Then use the function like this:

<a href="<?php echo protectMail('someone@somewhere.com'); ?>">email me</a>


Paul-M, ACP - www.webspectrum.co.uk

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 18, 2018 0
Contributor ,
Nov 19, 2018

Copy link to clipboard

Copied

Energize  wrote

Here's a simple PHP obfuscation solution:

<?php

function protectMail($s) {

    $result = '';

    $s = 'mailto:' . $s;

    for ($i = 0; $i < strlen($s); $i++) {

      $result .= '&#' . ord(substr($s, $i, 1)) .

        ';';

    }

    return $result;

  }

?>  

Then use the function like this:

<a href="<?php echo protectMail('someone@somewhere.com'); ?>">email me</a>

Does this provide more protection than the solution provided by BenPleysier at the top of this thread, which everyone else discouraged me from using?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 19, 2018 0
Adobe Community Professional ,
Nov 19, 2018

Copy link to clipboard

Copied

Server-side scripts generally provide more protection than client-side scripts.   But  MAILTO only works for people who have an e-mail client like Outlook installed on their device.  Most people use web based e-mail now.   Thus MAILTO is not 100% reliable. 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 19, 2018 0
LEGEND ,
Nov 20, 2018

Copy link to clipboard

Copied

Not to mention, as Nancy pointed out earlier, spammers got ahold of her email address because of a mailto method.  Anything that can be obfuscated can be unobfuscated.  Even hashes (supposedly one way) have weaknesses.  An online form that contains no email address within the code cannot divulge an email address to a bot or any other method.  A hacker would have to bypass the security of the webserver, itself, view the code of the processing page directly in order to gain an email address.  The juice isn't worth the squeeze.

Go for the online form.

V/r,

^ _ ^

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Nov 20, 2018 0