Due to enormous amounts of spam on our public email addresses, i.e. webmaster@ourdomain.com, we're going to ask the public to communicate with us only by form.
Rather than use any kind of Matt-Wright-like solution, we're thinking we'll have a form where the recipient of the form is not visible in the source code, but only a lookup code for it.
So the form, rather than saying
<input type="hidden" recipient="codypendant@ourdomain.com">
will just have something like
<input type="hidden" recipient="12345">
and the actual email address will be looked up based on that key.
Is there any remaining security/spam issue, assuming that we also check that the form was submitted from one of our servers?
Obviously if someone goes to the trouble of spoofing our IP or domain, they can still spam me by imitating the action of the form, but apart from that, am I missing something?
($_='kkvvttuubbooppuuiiffssqqffssmmiibbddllffss')
=~y~b-v~a-z~s; print
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.