Re: "Mailto" Command

On Wed, 9 Apr 1997 wrote:

> (Walter Ian Kaye)
> > I agree about its poor usability, and that's why I could never
> > understand why some people ask their ISP for a "" CGI. My
> > initial reaction was,like, "Huh?" :-)
> Actually there are very good reasons for a script that sends the form 
> submission via e-mail. The following things can be done by a script and 
> can't be done by action=mailto. (1) The mailing address can be kept 
> secret, so users can only send submissions to that address via the 
> script. (2) The form entries can be validated by the script. (3) The 
> script can generate a response page. (4) The script can also record 
> submissions in some other way if desired, e.g., collecting statistics or 
> saving submissions in an archive file. (5) The script will work in 
> browsers that don't support action=mailto.

Also it forms an excellent first line of identity authentication. You can
have people register for a service online and email their password to the
email address they claim (while giving them their login name via the web). 
It stops 90%+ of bogus identity claims and credit card fraud cold and so
prevents many theft of services incidents for the service provider before
they even start. I've used 'mailback' authentication for a couple of years
now for an automated free classifieds system and some commercial sites I
developed. It is amazing how much crap gets screened out that way with no
effort on my part.

Oh, item (1) on Bruce's list also accomplishes a major reduction in the
amount of spam email sent to web page owners. I've been actively removing
'mailto' links from pages I control for the last 6 months because of the
amount of spam from web walking email address gathering robots. It
continues to rise anyway - primarily because of Hypermail archives of
maillists where my address is exposed in mailto links.

Benjamin Franz

Received on Wednesday, 9 April 1997 12:42:10 UTC