Contactus forms

I have a home-rolled PHP contactus form I’ve been using for years. Among other things (perhaps this is overkill) I hard code the from address to nobody, put the return email into the body of the message and manually make sure nothing can overflow into cc or bcc. That strategy works. As far as I know my form has never been used to forward spam.

I tried to convince a prospective new customer this was the way to go on his new website. I explained posting email addresses in text would lead to a tsunami of spam. He then replied “But I use gmail and they filter all the spam for me.”

Hmmmm. Maybe he’s right. Stuff changes. Maybe contactus forms are now obsolete. What do you think?

Funny, I just make sure the return e-mail field contains a single valid e-mail address… and strip out any overflow/delimiter characters from fields going into the mail header.

Try this on for size:

function isValidEmail($address) {
	if (filter_var($address,FILTER_VALIDATE_EMAIL)==FALSE) {
		return false;
	/* explode out local and domain */


	return (
		/* check for proper lengths */
		($localLength>0 && $localLength<65) &&
		($domainLength>3 && $domainLength<256) &&
			checkdnsrr($domain,'MX') ||

I refuse to use gmail because they were blocking too many legitimate mails, and that AJAX train wreck isn’t even useful – of course that they basically tell Opera users to go **** themselves was the last straw.

I still would never put a raw e-mail address on a website – filters are ‘good’, but not that good, never have been – doubt they ever will be…

But there’s more reasons for using contact forms than just stopping spam… for many users they’re more convenient as you don’t have to wait for the mail client to load or cut/paste into webmail – you click contact, it’s all there. You can craft the form to guide the visitor into making a better/more helpful response… I like to add prefixes to the e-mail subject for mail filters, set by a select for common topics and even by what form on the site was used – that way I can receive them all from one account, but have my mail client sort them into individual folders. (which is a lot easier than trying to maintain 20 accounts/logins at once).

It also means you can customize the output for different targets – for example one of my custom CMS is designed to send results from the contact form not just to that client’s e-mail, but also as XML to their Goldmine contact management software.

Try to sell them on more features and ease of use – not just on blocking spammers.