Route website form data from external web site

This tutorial will show you how to route website form data to an Enguard email address.
 

If Enguard is not your web host and you are hosting your web site with an external web hosting service on a Linux server running Cpanel, you can follow these steps. The screenshots below may look different to yours, depending on which version of Cpanel your web host is running.

 

topics covered:

 


Routing form data to your Enguard address


Step 1: You will need to know your MX record.

  • Go to http://mxtoolbox.com and enter your domain name
  • Click MX Lookup
  • Please write down your MX record, which will be listed under Hostname in the result

 

 

 

 

Step 2: Login to Cpanel at your external web hosting service, then click the Email Accounts icon.

 

 

 

 

Step 3: Make sure there are no email addresses listed. If there are, please delete them all.

 

 

 

 

Step 4: Click the MX Entry icon

 

 

 

 

Step 5: Under MX Records, click Edit

 

 

 

 

Step 6: Complete the Priority and Destination Fields

1) For Priority, enter 10
2) Enter your MX record

Click Edit

 

 

 

 

Step 7: Select Email Routing Option


Under Email Routing, select Remote Mail Exchanger
Click Change

 

 

 

 

Step 8: Form Settings


Within the settings or code for your web form, do not specify the "from" address as any email address @ your domain name.
For example, the "from" address cannot be user@yourcompany.xxx, with the form content delivering to user@yourcompany.xxx

Our server will consider this a spoofed message and will reject it. It will do this if you have the web form send a copy of the form message to your address, which we recommend never enabling anyway as that creates a significant spam vulnerability. Although you may be able to configure the "from" address as the email address of the person filling out the form, that can also cause spoofing issues if they have SPF restrictions with their email host.  

Instead, we recommend creating a nominal (fake) email address that uses an alternative version of your domain. This address will not be the actual sender of the message, but since the "from" field cannot be left blank, you need to fill something in that will not trigger your spoofing protections or those of other authentic email addresses. 

We recommend simply adding the word "webform" to your domain to create a nominal address for the "from" field.

For example:

  • A company with the domain abcdoctor.com wants their webform to send form data to their email address: intake@abcdoctor.com
  • For the "from" section of the webform they need to use a nominal email address, that cannot include their actual domain. 
  • Instead of intake@abcdoctor.com, they use intake@abcdoctorwebform.com
  • Since the domain abcdoctorwebform.com is unlikely to exist, using intake@abcdoctorwebform.com will not trigger spoofing protections.

 

You, too, can add the word webform to your domain name before the extension (.com, .net, .org, etc.) to create a nominal address for the "from" field. 

Since the web form messages will not actually be coming from the "from" address you specify in your form, there is no security concern for using nominal email addresses in the "from" address field of the web form. 

 



SSL Certificate Requirements

If you allow prospects, patients, clients, or employees to send you information over any form on your website, you need to secure the website itself. Using a secure email address for the web form is required, but HIPAA guidelines and best security practices require that you procure an SSL (Secure Socket Layer) Certificate for your website as well. If you work with Patient Health Information this is mandatory. Speak to your web hosting provider about this and be sure to secure the SSL Certificate before you enable web forms that people can use to send you personal information. 

 


If you cannot get the web forms to properly route to your secure email address...

You may need to host your web site with Enguard. We have configured our web hosting service to work seamlessly with our email service, so all form data will be submitted and delivered securely from the web server to our email server without any additional configuration. SSL Certificates are easily procured for your site (if hosting with us) upon your request. You can also setup secure forms with us so that the connection between your web site and the person filling out the form is encrypted, which ensures 100% secure transmission of form data into your inbox. Contact our support team if this is something you are interested in.