Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: phranque
Some sites don't have it, some have a page with an email that you click and opens your email client, and some others put the email as a gif image to avoid being scanned on the web and receive spam. All of the previous cases are wasting the potential and benefits of a contact form.
Its useful to receive feedback, corrections or even complains from your visitors regarding your site. It consist in two parts, an html file with the form and the script that processes the info to send the email. The script might be asp, perl, php, whatever.
Make the best out of your contact page-form:
Of course, respect the privacy of your visitor and don't use their emails addresses to send spam, marketing mails or newsletter UNLESS they ask you to. AND, keep that info safe and private.
So, do you have a contact form? ;) What else can you do with it?
What else can you do with it?
-- From a customer service standpoint, it prompts the user to answer the right questions (make them required) so you can answer their inquiry intelligently, whereas a generic email may just be confusing.
--- Add a "how you found out about us" field, and make it required.
some have a page with an email that you click and opens your email client....
--- I'm amazed at the number of people who just don't realize that a mailto: link, in any form, will only work if your visitor has an off-line mail client. A mailto link prompts the local system to open the "default" mail program and populates a new email with the send to, subject, and sometimes even the body. But if your visitor uses a web-based mail client, such as Yahoo, MSN, gmail, etc. - this won't work. I've seen this in action, and when Outlook Express "pops up" on an unaware user's screen, the reactions range from mild confusion to "OMG it's a pop up, this site has a virus."
More and more people are using free web-based mail clients and you can be guaranteed that if you use mailto: links, you are losing business. A secure, working contact form reduces the proliferation of spam by removing the email address from your site, completely, and circumnavigates all this.
Add a filter to block all the incoming emails filled with urls and links for meds....Beware of attacks.
--- Having a simple contact form processor can be more trouble than it's worth if you don't do this, and make it secure. You will have to do some filtering, but more importantly it's critical your processor cleanse the data and throw away anything that is not acceptable. After that you filter for link droppers, and this will knock out 99% of your spam attack attempts. If you don't know what you're doing, pay someone to do it for you - "Free" almost always carries consequences.
An additional caveat here: If you auto-respond to the visitor, have it auto-respond from a no-reply address. This is as important as anything else. Spammers will submit your form just to get at your from address.
"But I'll lose customers!" No you won't. If you manually REPLY to the inquiry, your legitimate customer now has your valid email address.
-- Make sure it's accessible and usable. How often have you submitted a form and a plain white page with the words "Some of your form fields are missing, use the back button and try again." What the heck? Think through your process, guide your user. What should have happened here is the form displays again, with all the data they entered populated, with this message in big red text: "The email address is in an invalid format. Please re-enter a valid email address." (Some may even focus the first errant field, but I don't do this because there are mixed emotions on controlling the user's actions . . .)
Store the messages on the server on a log file or database for future reference.
I can't stress the importance of this. Many just consider the server's access logs "enough" but when your form is under attack from spammers, server logs don't tell "the whole story." You need to know precisely what is being input in your forms; before processing anything, log the raw data to see what they are up to.
--- Add a "how you found out about us" field, and make it required.
Anyone got any stats on the reliability of this. If you make it compulsory when it is unnecessary for what I want to ask and I, for one, will give a duff response every time - if it's a dropdown then probably the one that looks most expensive. Don't make it required and I may leave it unanswered or I may answer it correctly but I won't look to corrupt your stats.
<added>Probably depends on your audience.
[edited by: Status_203 at 11:00 am (utc) on April 6, 2009]
--- Add a "how you found out about us" field, and make it required.
Ditto what Status_203 said. Requiring me to answer a purely self-serving question like this, especially if I'm filling out your contact form as a courtesy to report errors on your site, or to complain about something that I'm not happy with will end with a bogus answer and skewed data.
Respect your users and let them choose whether they answer questions like these. Better yet, ask them how they found you when you respond to their inquiry. A human touch goes a long way.
I cant believe the amount of websites that I have spent a few minutes on writing some feedback, only to find it directs to page that doesnít exist. Or the form sent an email to an address that didnt exist.
My websites cover all the bases and a little more. Capturing all possible data has help me to determine who was the 'anonymous' idiot sending me an offensive message, but I do worry that most people using these form donít realise how much data we are capturing about them.
I had one user who got quite narky that I had their IP address, I wasnít about to tell him how much more info I had.
Which begs the question, how much information is too much information? As I capture a little bit more than most.
Also I react to spammers in exactly the same way as if it succeeded even though I'm tossing the message. Don't let them know when you detect them, and you'll have far less work with tuning your filters, as they'll not tune their messages.
I often make _none_ of the fields required. Iow. all attempts succeed even a blank submit. The anti-spam filter then stops me from wasting time on the blank ones and I can focus on the interesting ones. Since they all work it means that often I don't have an email address to work with them, but most fill it out and those not doing that mostly have a good reason and it prevents me from getting bogus info like "firstname.lastname@example.org".
IMHO: the less fields are required the better it works.
I never send out automatic emails back to the submitter, it's way too easy to fake an address and if you use any user supplied content you might open up a number of holes for spammers to abuse or security incidents to occurs.
Seb7, There might be a reazon for that. There is a trick that takes a presence of a cookie into consideration. If there is no cookie or a cookie is to young(less than 2-3 seconds) a lot of sites will point Action page to "NO-WHERE-LAND". This is done to minimize the amount of spam that comes thru contact form.
I don't like captchas; the older I get the harder a time I myself have making them out. I've found that adding a hidden field to the form and then tossing out the entry if it's filled in has been pretty darn effective in weeding out 99% of the crap.
The topic of this thread is importance and uses of your contact form. This is an important aspect of using a contact form. Instead of aggressive upsells and serrupticious data collection tactics, this is a simple and polite way to collect information about what marketing is working for you.
Sooner or later, you have to come to the conclusion that some customers are more trouble than they are worth. If it's "too much" for you to enter the word "Google" or "friend" when inquiring about a service or product, you probably fall into that category.
In all the customers I've had over the years they have all found this single field an invaluable contributing factor to understanding what marketing works for them, and have never heard rumor of a single complaint. Not one. If you see this as "self-serving" or obtrusive, you probably fall into this category. No big loss.
Never send a auto-response. It simply gives spammers your email address.
see post # 2:
If you auto-respond to the visitor, have it auto-respond from a no-reply address.
An auto response is a verification to the end user that the form is actually WORKING. "Of course it works, why wouldn't it?" This problem is rampant (see ambellina's post, page 1.) Even when they work, they provide poor or inadequate responses to the end user.
Just the other day I submitted a form that gave no response other than a redirect to the main page. Did it work? Who knows.
A second use of the auto-response in the contact form is that it provides a link for them to return to your site and displays a degree of responsibility to the legitimate client. Part of the "cold form" problem is that users don't know if they are really getting through, a response is like saying "we got it, and we'll get back to you ASAP."
I have a captcha on all my contact forms. What's your opinion on this?
Contrary to my comments about "how you found out about us," I have heard nothing but complaints from every.single.user. who has to deal with one of these. I have never heard positive feedback on them from anyone except the programmers implementing them. They are unnecessary barriers to making a contact.
They are unnecessary because the processors behind them should do all the work, and they usually don't. So while putting a capchka on a form may temporarily (or even permanently) solve your problem, it does so at the expense of the end user. Stopping spam and filtering data should be the job of the programmer, not John Public who is frustrated enough just getting his computer to boot up.
On contact us pages I put photos and email addresses
See post #2, page 1:
.... a mailto: link, in any form, will only work if your visitor has an off-line mail client. .... More and more people are using free web-based mail clients and you can be guaranteed that if you use mailto: links, you are losing business.
I have tried blocking certain blocks of URL's when I see them come in but they constantly get new ip's.
However, being more of a marketeer than a techie, I've always found implementing contact forms one of the most troublesome areas of the websites that I have developed. Every so often one of the forms on my website will stop working, usually due to the web host changing some security settings or my spam filter blocking the form email. Then there's the endless spam sent through the forms that has already been described. I have also heard that it is possible to "inject" code into a website through a web form if it is not set up correctly - probably an unnecessary fear as my websites are not database driven, but it leaves me with a lingering concern that my websites might not be secure.
Anyway, the type of features that exporador mentions sound excellent. I'm just interested to know if there is some easy off-the-shelf code available to produce such a form.
Like the last poster, is there a secure off the shelf solution or doe it need to implemented on a site by site basis?
I knew that some people use gmail etc. and have no Outlook. I also knew that mailto calls up the email client. Just never put the two together and the effect my mailto (yes, I am guilty) can have on lots of my users. Thanks rocknbil.
It is asked in the most ridiculous circumstances. Most recently, an AT&T customer service rep chirped "And how did you learn about AT&T today?"
As for Captcha, I think it's a good idea but expect users to complain about it and to claim it doesn't work for some unique reason that applies only to them.
Test your form constantly. Have your <insert_random_clicker_here> find the form and fill it out. Ask them if the process made sense, how did they feel about the amount if info asked etc.
Always test your form... It will stop working right somehow once a year for very common reasons. It can be a failure from a spam filter (see the on server suggestion) or updated perl or some or all the browsers security therefore rendering changed. I have seen tons of issues that creep in without anyone being aware.
Offline backups - end to end backups for all code used on your site is crucial as are the notes about EVERY edit no matter how minute. If you start from scratch you can mess up your email spamfilter ratings for a bit if your email header content changes too much. And when the script is hacked and the server compromised you will need to redo everything and fix the issue. Have fun and good luck getting back online if those offline non automated backups dont exist.
Get the crucial info, but keep it simple. And for petes sakes answer the email immediately as soon as anyone see's it! Tell them your working on their answer and you'll have more info <?>...
Sure you sent an automated response saying it will 24-48 hours but honestly what were you doing exactly 48 hours ago (ohh please don't tell me) but most users might remember they were researching something or other.
But if you wait that long they are either done or gonna make you play the back and forth game till they get back up to speed emotionally. They sent you an email wanting some personal service how ever ridiculous, a good quick personal reply goes a very long way...
Do not use unknowledgeable screeners here, your gonna tee off someone and if your like some of my clients that sale is worth 5 or 6 figures and a referral to a lower end or competitors product can generate more money for adwords campaigns.
To kind of stay on topic the reason I starting using the contact form was because someone used my email address as a return address for spam and I wound up with 1000's of "mailer-daemon failures" in my inbox. I shudder to think how many thousands made it through with my email address on them.
With a contact form you don't have to show your email address at all.
I had a contact form in one Web site and it got spammed heavily, I use to get almost 50 or 100 junk per day.
Later I "captcha"-ed it, to get rid of robotic actions.
Captcha is necessary, if our forms get infected with robots, but captcha verification can be made a much simpler or a much harder, based on spam experience with our form.
Captcha is necessary, if our forms get infected with robots
This is an age-old problem for non-programmer Webmasters-- creating and installing a spam-proof contact form. People avoid forms and resort to captchas and desperate solutions such as exampleATexample.com. (And don't forget to change AT to @).
Sorry, folks, but not all of us are programmers or code writers. And there's even a range of opinion in this string, among professional Webmasters, on what's effective.
I'll venture that somebody could make some money if they'd write a cookbook manual, or an application, for creating and installing spam-proof forms. Write it for both PHP and ASP. I know I'd buy it.
Not ALL CAPTCHA methods are good for everyone, but SOME do more good than harm. The image based ones with obscured text are the worst (in my opinion). But other methods like simple plain text questions (which *most* people can answer) do prove positive most of the time.
Nothing you do can ever be 100% perfect for everything and everyone, but you can try to get a good 'in-between'.
I'd also recommend hosting the full form solution on your OWN hosting. (You would be amazed at how many people use remotely hosted form solutions - imagine the data these guys have on you, your business and your clients... man that is scary.)
Always make sure you have 100% access to the full source code and host locally. You have a responsibility to your clients and their data.