Amazingly enough so have I, and alot.

I didn't much think about it before -- but now I'll look a bit closer.

Sounds alot like another email harvester attempting to reconcil a new email list.

I''l let you know.

There have been a lot of cases of people's formmail being used to send out spam mail, and it appears to come from the site whose script has been exploited this way.

Previous discussions:

[webmasterworld.com...]
[webmasterworld.com...]

Anyone got any good form to email scripts they can recommend me via stickymail? (to prevent any promotional URLs that are against the TOS)

I'm looking for something that:

* will only send to a set list of email addresses and nowhere else.
* will hide the email addresses inside the script and away from the html
* allows use of several different recipient email addresses upon user selection
* allows customisable bans depending on referrer

More advice: There seem to be an increasing number of exploits directed at form and mail processing scripts. It's a good idea to avoid standard installs, i.e., don't use the default directory location, rename the script if possible, etc. Most of these attacks are automated and fairly unimaginative, so a few simple precautions will prevent most problems. In addition, make sure you have the latest version of the script - several popular mail scripts have been updated in recent months to close security holes.

keep in mind that scripts can also be stored above the root level of your site. Thus making them more inaccessible.

KakenBetaal, I think you are looking at something fairly customized but just start searching for mail scripts on google in the desired language. You could look at hotscripts.com, they have a bunch of different things there.

Thanks, jatar_k, I've looked at both your suggestions already and also searched here on WebmasterWorld. There are many to choose from, which is why I'm looking for a recommendation here. After all, WebmasterWorld is *the* place to come for advice from top notch people. :)

From the level of customization you are looking for you probably won't find much that will fit as is. You will either have to take something that is close and tweak it yourself or just get someone to write it for you.

Though you never know, keep looking if it doesn't need to be done tomorrow.

There are improved replacements for some of the old standard Matt Wright scripts, like nms-formmail at sourceforge [nms-cgi.sourceforge.net] done up by the London Perl Mongers [london.pm.org].

It's a little more complicated, but there are some built-in security features, and it's an on-going project, which makes it a comfortable situation.

Just my $.02.

I think all should be wary of "free scripts" or free website software including but not limited to chat, message board, guestbook, blog, and user logging software, etc.

Many contain backdoor hacks, Trojan programs, spyware, etc. and can cost your business alot more than the benefits of using these free scripts.

I agree with jatar_k, read and tweak every single line of code, know what you are implementing, and make sure minimum permissions are granted.

The best solution is to write it yourself, you can use the other scripts as examples.

[edited by: Paully at 7:56 pm (utc) on Oct. 16, 2002]

My advice:

don't use free form mail scripts. They are so simple to build on yourself, you only have to read some docs for a few hours and you can create your own.

I agree martin, sending form results through email is usually on the first or second page of the forms section in any web-programming book.