FormMail Email Recipient Aliases

[oc404]

First of all, I'm a new HG customer, and I appreciate the opportunity to offer suggestions. Having moved 9 sites to my new HG reseller account in the past 4 days, tech support has been patient, fast to respond, and extremely helpful.

I'm a heavy user of the FormMail script for email handling of forms. One of the major drawbacks to this script is the need to include a recipient email address in the code, making it vulnerable to spambots. I previously worked with a reseller who provided a .FormMail.conf file that was editable from the control panel. This file allowed recipient aliases to be created, thereby requiring only an alias in the actual <form> html coding. I found this process to virtually eliminate automated spamming via FormMail.

Example of the FormMail.conf File:
[recipient_alias]
eagle=>bird@yourdomain.com
[/recipient_alias]

The html coding would then be:
<input type="hidden" name="recipient" value="eagle" />

It worked great, and I'd love to have something like that for my HostGator accounts.

Thanks,
~OC~

[ws-ns]

This sure looks like it would be something that I would use.

Have you tried suggesting it to support?
Cheers
PeteH

[dutchprovider]

Since a couple of months I use the Formmail from Tectite, is is an advanced formmail file/script in php. They have 2 ways to hide your email address in your forms, I use the "AT_MANGLE" way, that means that you can change the @ into almost everything you want so the email address in your form could be in example "infoanythingyouwantdomain.com. As long as you give the instruction in the formmail.php file!

The other way is to use php.ini to give instructions... I never tried that, the AT_MANGLE works fine!!!

With this formmail you can also receive the filled in forms in HTML in your emailclient, that's what I needed, later I read about the anti spam.

Maybe this is something for you?

[twohawks]

I think tectite rocks. I just found out about it and it is testing out great, and I think it also protects emails entered by people filling the form (very important aspect), so I am thankfully graduating from Matt's script and its variations that are out there.
I have looked into this quite a bit during the last year and it seems to me that several of the FormMail cgi's I've seen, even the one from Monkey's (I think the popular consensis is that their's is the latest greatest cgi formmail out there -- an upgrade to Matt's - thankfully [because its old]) are now being generally recommended not to use if you are really concerned about the spambots either getting your info, or a client's info, via your forms.
Monkey's, and one other one (I cannot remmeber the name of right now) is easily configurable (and has recipient variable as you asked about) and has some added security features as well, ...although a better solution if your going to continue using the cgi formmail route, its still not all that secure and you really should find something else.
There are some other php email form packages available out their. Check sourceforge, hotscripts, freshmeat, et al. But Tectite is the best free one I've seen yet - and it is so easy to use and has so many features its ridiculous.

I hope this helps. If you really still need or want the code for updating Matt's FormMail script (I am uncertain how this may relate to the one you are actually using, but...), you can try this...

Code:

Search FormMail.cgi [in Matt's] for code section "sub check_required" around ~Ln267

-------------------------
1. CHANGE:

    else {
        $valid_recipient = 0;

TO: (optionally add one or more email lines as needed)

    else {
		%recipient_alias = (
                        'email1' => 'support@my.com',
                        'email2' => 'support2@my.com',
                        'email3' => 'support3@my.com',
		                      );
        $valid_recipient = 0;
-------------------------------------------------
2. CHANGE:

        foreach $send_to (split(/,/,$Config{'recipient'})) {
            foreach $recipient (@recipients) {
	        if ($send_to =~ /$recipient$/i) {
                    push(@send_to,$send_to); last;
                }
            }
        }
        if ($#send_to < 0) { &error('no_recipient') }
        $Config{'recipient'} = join(',',@send_to);
    }

TO:

        foreach $send_to (split(/,/,$Config{'recipient'})) {
            foreach $recipient (@recipients) {
		$send_to = $recipient_alias{$send_to};
	        if ($send_to =~ /$recipient$/i) {
                    push(@send_to,$send_to); last;
                }
            }
        }
        if ($#send_to < 0) { &error('no_recipient') }
        $Config{'recipient'} = join(',',@send_to);
    }
------------------------------------------------------
3. In your html form input line for recipient, the syntax for "value" looks like...

value="email1,email2,etc"
-----------------------------------------------------

.

I hope this is helpful for anyone passing by ;^)
HTH