---+<nowiki>OpenLink</nowiki> Contact web form

%TOC%

---++Background

The `contact' link on http://www.openlinksw.com/ has presented a list of 
simple email addresses with no obfuscation, so spam reigns supreme on all 
our public email addresses (e.g., for technical.support, etc). 

---++New System Notes

As of about nowish, we have [[http://www.openlinksw.com/contact/][a new  form]] 
which removes email addresses from public view completely.

   * we still present the postal/street addresses for the offices
      * but now we have RDFa using the 
[[http://microformats.org/wiki/hcard][hCard]] ontology as well
   * there is a form in which the public can enter any message and send 
it to one of a list of departments.
      * There are some validity checks on the entered data 
      * the list of departments is stored in a simple table in the database

---+++Spam & Email

The new form sends an email to whoever is listed as the contact
email-address for a given department. This email takes the form
(specifically asserted headers only):

<verbatim>
Sender: "OpenLink Contact Bot" <contact@openlinksw.com>
X-Mailer: Virtuoso contact assistant
X-Originating-IP: 83.67.33.215
Date: Fri, 01 Aug 2008 15:27:39 GMT
Message-ID: <20080801112739000000#contactbot@openlinksw.com>
Subject: [oplcontact] Testing live system
From: "Tim Haynes" <tim.haynes@openlinksw.co.uk>
Reply-To: "Tim Haynes" <tim.haynes@openlinksw.co.uk>
To: <tim.haynes@openlinksw.co.uk>

[Message sent using the OpenLink Contact Bot, <http://www.openlinksw.com/contact/>.]

This from friday's testing..

-- 
OpenLink Contact Bot
http://www.openlinksw.com/contact/
</verbatim>

Users are advised to set up email filtering based on either the Sender (not
the From header), X-Mailer or start of the Subject headers as they see fit.

This system should not generate a huge amount of spam; there are a 
handful of checks on the fields entered to ensure they are not empty, 
not too long, and look basically like email addresses or a name (must 
contain a space). Additionally the crude Turing Test will reduce spam 
an awful lot. 


---++Backend database tables

The form uses two database tables:

   1 A list of department name and contact email address.
<verbatim>
CREATE TABLE db..deptemails 
   ( dname  VARCHAR, 
     demail VARCHAR
   );
</verbatim>
   1 A log of all requests for contact. At a future date, it may be 
converted into an RSS feed.
<verbatim>
create table db..deptcontactlog(tstamp datetime not null primary key, 
    ipaddr varchar not null,
    name varchar not null, email varchar not null, 
    dept varchar not null, subject varchar not null, 
    content long varchar not null);
</verbatim>


---++Lingering email addresses

The following group addresses exist on the mail-server and may want incorporating into the contact form. Please approve/deny/reformulate each:

<verbatim>
    Discussion/News administrator <discussion@openlinksw.com> 
               phpBB boards group <boards@openlinksw.com> 
     UDA Documentation Maintainer <uda.docs@openlinksw.com> 
Virtuoso Documentation Maintainer <virtuoso.docs@openlinksw.com> 

  Virtuoso Open Source Maintainer <vos.admin@openlinksw.com> 
                    iODBC Manager <iodbc@openlinksw.com> 

          JDBCBench Administrator <jdbc-bench@openlinksw.com> 
                        OAT group <oat.admin@openlinksw.com> 
        ODBC Benchmark Maintainer <odbc-bench@openlinksw.com> 
           OpenLink Data Explorer <ode@openlinksw.com> 
              OpenLink Data-Space <ods@openlinksw.com> 
       Ruby on Rails ODBC Adapter <odbc-rails@openlinksw.com> 

                             ATOM <atom@openlinksw.com> 
                             FOAF <foaf@openlinksw.com> 
                             Soap <soap@openlinksw.com> 
                           SparQL <sparql@openlinksw.com> 

   EMEA Customer Services Account <emea.customer.services@openlinksw.com> 
              General Information <general.information@openlinksw.com> 
                  Human Resources <human.resources@openlinksw.com> 
             Product Availability <product.availability@openlinksw.com> 
                  Download Wizard <downwiz@openlinksw.com> 
                         Training <training@openlinksw.com> 
</verbatim>


---++Open Issues

   * Does this mean we're now going to start bouncing mail for those 
long-exposed addresses?  If so, all such bounces must point the 
bounced senders to the new means of contact.  If not, why do we
not continue to present those addresses, now *with* some obfuscation
so they're friendly enough for humans but not so much for machines?
-- Main.TedThibodeauJr 25 Jul 2008%BR%%BR%
      * Yes we probably will invalidate them.  
-- Main.TimHaynes 28 Jul 2008%BR%%BR%
         * Then I suggest we start work on the wording of the bounce now.  I want senders who use the addresses we've been publicizing for 15 years to get actual content back, not just "no such address" which can easily make them think OpenLink is no more. 
-- Main.TedThibodeauJr 29 Jul 2008

            * We can do this. Will roll live using existing email addresses and then can change any time we like anyway. -- Main.TimHaynes 1 Aug 2008

   * Please split the department menu selection into two menus, "Department" + 
"OpenLink Office", with with the latter values "US Office" and 
"UK Office"?  The current list is needlessly long, and is filled 
with potential for wrong choice, not least because it's incorrect 
(as the section above shows -- the US office handles all of the 
Americas plus Japan, most of which are not "USA", and the UK office
would not be what I thought I was choosing as "Other"...). 
-- Main.TedThibodeauJr 25 Jul 2008%BR%%BR%
      * I am unconvinced that this has any benefit. The set of recipients
is not wholly departmental - iodbc@, vos.admin@, etc. It also opens up the question 
whether we should inflict geographical arrangement of departments on the outside 
world rather than simply handling nationality internally.  
-- Main.TimHaynes 29 Jul 2008%BR%%BR%
         * Internal assignments, based on universal "openlinksw.com" addresses, is 
indeed *strongly* preferred. 
-- Main.TedThibodeauJr 29 Jul 20088
            * The revised list of contacts is duly independent. -- Main.TimHaynes 1 Aug 2008

---+++email formatting issues
[...]
-- Main.TedThibodeauJr 29 Jul 2008

   * I've applied a bunch of changes:
      * Sender is contact@openlinksw.com
      * From is user's name & email address
      * Subject prepend is `[oplcontact] '.
      * Date header always existed anyway
      * The mail body now only has the one line intruding 
      * X-Originating-IP is included (and logged)

-- Main.TimHaynes 1 Aug 2008

   * What are your length limits?  both for too long and too short? -- Main.TedThibodeauJr 25 Jul 2008
%BR%What's your test for "is this an email address?"  -- Main.TedThibodeauJr 25 Jul 2008
%BR%Is there more to your "name" test than that it must contain a space? -- Main.TedThibodeauJr 25 Jul 2008%BR%%BR%
      *   
<verbatim>
name like '% %' and
email like '%@%.%' and 
trim(subject) is not null and
length(name)<50 and
length(email)<128 and
length(subject)<256 and
0<length(trim(content))
</verbatim>
-- Main.TimHaynes 29 Jul 2008%BR%%BR%
         * length(email) and length(name) are too short.  256 is *probably* long enough 
(but is not guaranteed to be!) for email; 128 is *probably* long enough for name. We've
hit problems in the past with these fields being too short in the Case
System. -- Main.TedThibodeauJr 29 Jul 2008


            * I find those hard to believe (don't want to open up to spam too much either), but we'll see how your numbers work out          -- Main.TimHaynes 29 Jul 2008


---++Resolved Issues

   * Please remove the parentheses from +1 and +44 in all phone numbers. -- Main.TedThibodeauJr 25 Jul 2008%BR%%BR%
      * gone -- Main.TimHaynes 29 Jul 2008