Go to EmailJs
Create a free account (you can send only 200 emails per month in this account) want more emails head to pricing
Create a email servi...
For further actions, you may consider blocking this person and/or reporting abuse
I am not sure that it is wise to do this from the front end. Aren't you exposing your emailJS credentials to everybody? My guess would be yes and it being a third party service everybody could send emails with your account and at your cost / limit. This should not be used from the frontend imho.
~Cheers
Indeed, someone could copy your code, but they will only be able to send your templates, with your content, and will not be able to send a custom email with their own content (spam). Which is absolutely not interesting for spammers. A better way to think of EmailJS in terms of security is not as a service that allows you to send email from Javascript, but rather as a service that allows you to create a predefined set of emails via the dashboard, and then just trigger the emails from the Javascript. This is quite similar to how emails are usually sent via a proprietary server code, and also to the way products like Intercom or customer.io are working.
Additionally, we've also developed various tools to prevent abuse – for instance, we have IP based rate limits to prevent bots from spamming, a whitelist of origin, and also support reCAPTCHA tests to make sure that a human is sending the email (although it's up to the developer to turn this feature on).
Please note, EmailJS send endpoints don't require authentication, so you can make the call to our API without worrying about security. The keys in the network tab are public keys.
I see! Thanks for chiming in. Good to see even the devs of the service care enough to address possible issues! Kudos!
These are issues of absolutely any public API. The same public API from Google Maps is no exception, as well as someone's own development. Unfortunately. Therefore, we do our best to make the price of hacking more expensive than the profit.
it supports only reCAPTCHA v2 not v3 why ? @xr0master
In order not to go deep into the reasons, I will simply answer that there are several problems.
As a result, our customers will contact our support team instead of Google support, which is why we decided not to add it yet.
Interesting, but why would the frontend ever need to send an Email?
For a simple contact form without the need for a backend.
But this is still a backend just not one you own. Me personally, I'd rather all communications I own go through my own stuff
With the growth of professionalism, there is an understanding that you need to do what really requires your attention.
At the same time, the development of your solution will cost many times more, and the quality will be clearly inferior to the work of a specialized team.
Therefore, there are many services and SaaS as a business model.
💯
I work for a security focused company, I'm 11yrs into development, my "own stuff" would be a server and a built in to language mailer function. I don't agree with this level of trust, end you can't say I'm unprofessional or inexperienced because I have seen what happens when companies give to much trust.
Im using this today! Thanks!!
good to hear
Thank you for the article!
Like other people here, I was a little concerned about security, but in the end, the message is always going to be the settled template, and the custom message sent is inserted in HTML as plain text.
I had doubts about this last, so I tested it