Our website has several areas with “invite a friend” type links, and for the most part they just pop up a modal asking for your name, email address, friend’s email address, friend’s name, and the ability to modify the message of the body.
The huge upside to this is that anyone can easily send a message to their friends without having to worry about their computer handling mailto: links the way they want them to.
The huge downside to this is the level of spam we get.
Typically if the same IP tries sending email out on our system more than once in a short period of time it will enforce a capcha, but a few clever bots have gotten around this recently.
What do you use for the public to share via email?
Unfortunately, that sort of thing is amazingly prone to being used for SPAM and links not making it through at all.
Most of the time I try and push people to social sharing since that’s usually a bit less problematic. Otherwise, you’re fighting the constant battle of either requiring capcha for everyone or trying to content/reputation filter clients. Something like Cloudflare can help a lot with that if it’s the route you want to go.
On a similar type of form we found this to be highly effective: Save a timestamp when the form is displayed. Compare the timestamp to current time when the form is submitted. If it is less than some reasonable minimim number of seconds, display an error message, otherwise let the email go out. Very simple, has worked very well.