I want to hide a recipients email address in a form using FormMail.pl. Here is how I have it:
<INPUT type="hidden"
NAME="recipient"
VALUE="email@someplace.org">
Is there a way to use an alias or something so the @???.com isn't used? Maybe something like:
<INPUT type="hidden"
NAME="alias"
VALUE="jobtitle">
But I'm not sure how to go from here tying the alias value with the recipient value. And how or where does this go in the perl script? Or does another function/process/script have to be created?
All I'm trying to do is keep a bunch of newbies from blaming me (webmaster) for spam or viruses they get using email addresses I create. I give them unigue aliases that are simply redirects to their email addresses.
:thumbsup: Thanks in advance for any help. :thumbsup:

You can change the email address in the Formmail.pl script.
Something like this:-

$x=$Config{'recipient'}; // the recipent as specified in the form
if ($x eq "fakename1"){
$x="realname1";
}
if ($x eq "fakename2"){
$x="realname2";
}


and so forth.

Then direct the email to $x (=realname).

Thanks Philip! :)
I think I'm 80% there understanding what you are saying but I am including what I have done so far for your scrutiny.
I started by making a subroutine and then plugged in the alias logic into that routine but because formmail uses the referer to validate the recipient I am afraid of a redundancy or bad logic.

# Check E-Mail alias
&check_alias;

sub check_alias {

# Localize the check_referer flag which determines if alias is valid. #
local($check_referer) = 0;

# If a referring recipient was specified, for each valid referer, make sure #
# that a valid recepient alias was passed to FormMail. #

$x=$Config{'referer'}; // the recipent (referer) as specified in the form
if ($x eq "director"){
$x="director@kentwrestling.org";
}
if ($x eq "secretary"){
$x="secretary@kentwrestling.org";
} }
}
}
else {
$check_referer = 1;
}

# If the HTTP_REFERER was invalid, send back an error. #
if ($check_referer != 1) { &error('bad_referer') }
}


I have the referers by domain, not individually which is were the recipients are pulled so I'm not sure if I am messing with the logic this way or should I list out all the legal referer's (recipients and not just the/their domain) and then run this subroutine?
I am also unsure of $x ? Is that a wild card for whatever the entry is?

I really do appreciate you and anyone else taking the time to help me through this.
:thumbsup:

This is a case of the blind leading the blind to some extent, but in my experience the best thing to do is try it and if it does not work think again!

I intended $x to simply be the variable name you wish to use. It is not a good choice as the actual name as it may clash with another $x somewhere else in the script.

As I see it you can include something like this in the form but of course the ACTION of the form must still be to submit to "www.yourtruedomain.com/cgi-bin/formmail.pl". I don't see how you avoid that, but it is possible to crudely encrypt it by translating each character to ASCII with a % in front of it. But in any case there is no @ in that, so perhaps that is not a problem.

In the form you can define the recipient as

<FORM>
<input type="hidden" name="recipient"
value="fake@nowhere.com"

and then translate it using your Perl script.
Then mail the result to $x.

The referer is not the same as the recipient. The referer is the URL of the page submitting the form. I understand that can easily be faked. The recipient is the address to receive the mailed form. If you hard-code that into formmail.pl then it cannot be hi-jacked by spammers etc.

Hope this helps! Perhaps someone more knowledgeable may care to comment.

To summarize: You can put anything you like into the form as "recipient" so long as you hard-code the actual recipient into formmail.pl.

See also the post by Mould_goat on this forum.

Another idea is to "encrypt" the recipient thus in the form:-

<input type="hidden" name="recipient"
value="director%40yourdomain.co.uk">


40 hex is the ASCII code for @.

This may or may not block the spammers' harvesting tools!

And/or replace "co.uk" with

%63%6F%2E%75%6B

That should fool the b***ers!

Note that the recipeint is a literal string so you will need to alter the formmail script to accept "director%40yourdomain.co.uk"
or ="director%40yourdomain.%63%6F%2E%75%6B">

PM,
I like this approach as it doesn't stretch the cranial capacity too much.
I'll give it a whirl. Thanks
:thumbsup: