Enhancement: Add recaptcha to mailout form

SchumacherFM / mailout

mailout - a https://caddyserver.com/ V1 SMTP client email middleware with PGP encryption

https://caddyserver.com/docs

Apache License 2.0

78 stars 13 forks source link

Enhancement: Add recaptcha to mailout form #1

Closed hdrlab closed 6 years ago

hdrlab commented 8 years ago

Having the ability to add a recaptcha to the form would help protect against spam bots.

I spotted a Go recaptcha lib, so perhaps that could be used as a starting point: https://github.com/dpapathanasiou/go-recaptcha

SchumacherFM commented 8 years ago

Would you like to implement it and then send me a pull request?

SchumacherFM commented 8 years ago

I received the first spam email:

email_org: [jesse_millea36@rambler.ru] name: [CS Web Contact Form] submit: [Send message] url: [http://www.google.com] Best regards!

RemoteAddr: 91.79.9.XXX:58149 Browser: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.65 Safari/537.36

If it increases then I'll add probably a captcha feature ...

Please also post here if you (dear reader of this issue) are also affected.

hdrlab commented 8 years ago

When I wrote this suggestion I was considering replacing my website with Caddy + Hugo, but ended up sticking with Silverstripe instead (even though I don't like PHP). So this issue doesn't affect me.

I still think that some sort of anti-spam feature like recaptcha is a good idea, though.

mholt commented 8 years ago

@hdrlab Slightly off topic, but is there a reason you went with Silverstripe instead? We'd like Caddy and its hugo add-on to be as competitive as possible.

hdrlab commented 8 years ago

@mholt A few reasons:

I'm familiar with Silverstripe
I really do prefer editing pages using a WYSIWYG editor
Silverstripe also handles stuff like generating scaled images automatically, which I think is on Hugo's roadmap, but isn't there yet
Silverstripe has a static caching/export module, allowing you to mix the speed of static pages with the flexibility of a CMS. That's the main drawcard of a static site generator like Hugo taken care of
At some point the website may have multiple contributors, and having to train others to use markdown, etc., would be a bit of a barrier
IIRC, the Hugo plugin uses basic HTTP auth., which is rather clunky. This is a minor point, but adding users and setting permissions in a CMS is much easier

mholt commented 8 years ago

Thank you for the feedback @hdrlab! We'll look into it.

lexesv commented 6 years ago

@mholt Hi, mailout+captcha https://github.com/lexesv/mailout

SchumacherFM commented 6 years ago

@lexesv Wow! Looks good. If you want you can send me a pull request and I merge it and propagate it to the caddy plugin registry. I can also give you contributor access to this repo so that you can directly commit stuff. One thing which can be improved in your commits is a bit more descriptive commit message ;-)

lexesv commented 6 years ago

@SchumacherFM Hi, thanks. I plan to add the reCaptcha support and then send a pull request.

SchumacherFM commented 6 years ago

Fixed with PR #16