Hi,

FormMail's "conditions" and "required" features are quite powerful.

However, there's a quite a lot of work and learning required in order to use "conditions".

You can copy some examples from these forums, but just validating an email address format is quite a challenge.

We've been thinking about including some standard built-in conditions into FormMail and would like your opinion on this.

For example, some built-in validations might be:
  • email address format (btw, spammers already know what a valid email address looks like)
  • phone number format (in this case you will put on your form the format you want people to use - you don't want them to have to guess)
  • Text only (alphabetic, numeric, and basic punctuation). This is for textareas etc.
  • Date format (various international formats as well).
The downside is that built-in conditions are viewable by anyone, including spammers. So, if you use built-in conditions, then the spammers will more than likely learn about them and target their spam to be accepted by the conditions....thereby getting an annoying spam through to you.

There's already evidence that some spammers have managed to get around some of the built-in anti-spam detection in FormMail. (Remember, they can only annoy you, not use your server to send spam to other people - your server is safe with Tectite FormMail.)

However, we don't actually think that field validations are an anti-spam technique. They are primarily to protect your data from innocent errors by your form users.

So, by building-in some validations, we'll be making it easier for you to create robust forms for normal users.

Anti-spam techniques are something entirely different to field validation.

If you want to use field validations for anti-spam, then you also need to use the INI file feature to hide the validations from view.

Please vote on the poll.