FormTo

How to send HTML form submissions to email without a server (no PHP, no Node, no SMTP)

April 5, 2026 · 6 min read

Minimal abstract pattern — sending form submissions to email without a server

If you've ever typed "how to send HTML form to email" into Google, you know the pain. Half the results tell you to use <form action="mailto:you@example.com">, which hasn't worked reliably in a decade. The other half tell you to spin up a PHP script, configure SMTP, buy a VPS, install Postfix, and pray the emails don't end up in spam.

There is a third way, and it's so much simpler than either of those that I want to spend the next six minutes walking you through it carefully. If you've never set up a backend in your life, you can do this. It takes four minutes. You will not install anything.

What you will and will not do

You will not:

  • Install PHP, Node, Python, or any backend runtime
  • Configure SMTP, Postfix, Sendmail, or a mail server
  • Buy a VPS or a server
  • Write any JavaScript
  • Use mailto: links (they are broken for most users)
  • Use Gmail's SMTP settings (they are locked down and brittle)

You will:

  • Keep your existing plain HTML file
  • Sign up for a hosted form backend (free plan is enough)
  • Change exactly one line in your HTML
  • Add a small hidden field for spam protection
  • Receive real emails whenever someone submits

That's the entire scope.

Why mailto: doesn't work

Before the walkthrough, let me explain why the obvious approach fails, because it'll save you an afternoon of debugging.

<form action="mailto:you@example.com"> sounds like it should work. A form that emails you when submitted. Beautiful. Sadly:

  • It opens the user's email client (Outlook, Apple Mail, etc.) to compose a message. It does not send anything automatically.
  • Most mobile browsers either ignore it entirely or open the default mail app, which the user may not have configured.
  • On desktop, users on webmail (Gmail, Outlook.com) see a confusing dialog and usually close it.
  • The form data is sometimes URL-encoded into the subject line, which breaks on any message longer than a few words.
  • You lose every submission where the user decides at the mail-client step that they don't want to proceed.
  • Exposing your email address in HTML is a spam magnet.

So mailto: is out. We need something that actually sends the email in the background without involving the user's mail client.

The actual setup

Step 1: start with your HTML file

Let's say you have a simple contact page. The relevant part looks like this:

<form>
  <label>
    Your name
    <input type="text" name="name" required>
  </label>

  <label>
    Email
    <input type="email" name="email" required>
  </label>

  <label>
    Message
    <textarea name="message" rows="5" required></textarea>
  </label>

  <button type="submit">Send</button>
</form>

This form currently does nothing when submitted, because there's no action attribute and no method. We're going to fix that in two changes.

Step 2: sign up for a hosted form backend

Go to a hosted form backend and create a free account. I'll use FormTo for this walkthrough — the pattern is identical with Formspree, Basin, Getform, Web3Forms, and others.

After you create your account, create a new form in the dashboard. Give it a name like "Contact." The dashboard will show you an endpoint URL that looks like:

https://api.formto.dev/f/your-form-slug

The part after /f/ is your unique form identifier. Copy the whole URL.

Step 3: add the URL to your form

Go back to your HTML file. Change the <form> line like this:

<form method="POST" action="https://api.formto.dev/f/your-form-slug">

That's the one-line change I mentioned. The form now posts to a hosted endpoint instead of doing nothing.

Step 4: set your email in the dashboard

In the form backend's dashboard, find the "Notifications" or "Email" setting for your new form and add your email address. Save.

That's it. You now have a working contact form that sends emails to you when someone submits it. No server, no SMTP, no PHP.

Step 5: add a honeypot (please)

One more thing. Public contact forms attract bots immediately. Without protection, you will get spam within a week. The simplest defense is a "honeypot" field — a hidden input that real humans will never fill in, but bots will:

<input type="text" name="website" tabindex="-1" autocomplete="off"
       style="position:absolute;left:-9999px" aria-hidden="true">

Add that line inside your form, anywhere between <form> and </form>. The backend sees submissions where website is filled in and drops them automatically. This single line of HTML blocks ~74% of form spam on its own, based on the numbers I wrote up in the 30-day spam experiment.

The final HTML

Putting it all together, here's the complete, working contact form:

<form method="POST" action="https://api.formto.dev/f/your-form-slug">
  <label>
    Your name
    <input type="text" name="name" required>
  </label>

  <label>
    Email
    <input type="email" name="email" required>
  </label>

  <label>
    Message
    <textarea name="message" rows="5" required></textarea>
  </label>

  <!-- honeypot: hidden from humans, catches bots -->
  <input type="text" name="website" tabindex="-1" autocomplete="off"
         style="position:absolute;left:-9999px" aria-hidden="true">

  <button type="submit">Send message</button>
</form>

That's the whole file. Open it in a browser, fill it in, click Send. An email lands in your inbox within seconds. I was not kidding about this being four minutes of work.

What happens when someone submits

Let me walk through what actually happens, because when a setup is this simple people sometimes don't believe it's working.

  1. User fills in the form and clicks Send.
  2. Their browser POSTs the form data to the hosted backend URL.
  3. The backend validates the submission (honeypot, rate limit, basic shape check).
  4. It stores the submission in its database.
  5. It composes an email containing the submission, sends it from its own verified domain to your inbox, with the visitor's email address in the Reply-To header so you can reply with one click.
  6. It redirects the visitor's browser to a thank-you page (either one you specified, or a default one).
  7. You receive the email. Usually within 1–5 seconds of the user clicking Send.

There's no step in there that involves your own server, because there is no server. The backend is running on someone else's infrastructure, handling delivery for thousands of forms at once.

What if I want a custom thank-you page?

Add one hidden input to the form:

<input type="hidden" name="_redirect" value="https://yoursite.com/thanks.html">

Make a thanks.html file on your site with a friendly confirmation message. After a successful submission, the backend will redirect the browser there. No JavaScript required.

Can I use this on any kind of site?

Yes. Any setup where you can put HTML in front of a visitor works:

  • A static .html file served from your computer, a USB stick, or a CDN
  • A Jekyll, Hugo, or Eleventy static site generator
  • A WordPress site (drop it in a Custom HTML block)
  • An Astro, Next.js, Nuxt, or SvelteKit project
  • A Webflow, Framer, or Wix page that allows custom HTML
  • A GitHub Pages site (full guide)
  • A plain HTML portfolio from 2007 you never migrated

The hosted endpoint does not care what built your page. It just needs an HTML form pointed at it.

Common mistakes to avoid

Forgetting the method attribute. <form action="https://..."> without method="POST" will try to send the data as a URL query string, which some backends reject. Always include method="POST".

Using JavaScript to submit the form. You don't need to. <form> tags submit themselves. Writing an onSubmit handler is how people accidentally break their form. If you just want it to work, leave the JavaScript out.

Putting secrets in hidden fields. Hidden fields are visible in the page source. Anyone can read them. Don't put API keys, admin flags, or anything you wouldn't put on a billboard.

Forgetting to verify the email in your backend's dashboard. Most form backends require you to confirm the email address you want notifications sent to. Check your inbox for a verification email after you add your address to the dashboard.

Testing only on localhost. Test the deployed version. Submit from your phone on mobile data. I have seen a lot of forms that "work on localhost" and mysteriously break in production because of CORS headers, HTTPS enforcement, or a missing DNS record.

The one thing you should remember

You do not need a server to send HTML form submissions to email. You have not needed one for years. Any time a tutorial tells you to install PHP or set up SMTP for a contact form, close the tab.

The modern answer is: a hosted form backend takes a <form> posting to its URL, handles every boring part of delivery, and sends you email (and Slack, and webhooks, and whatever else) when submissions arrive. The free tier is usually enough for a personal site. Paid plans are $9–$15/month when you outgrow it.

That's the whole landscape. You now know more about contact form infrastructure than 90% of the people on the internet who are currently wrestling with PHPMailer.

Create a free form on FormTo — 25 submissions a month, no credit card, works on every host. Paste the endpoint into your HTML, add a honeypot, and your static site has a working contact form in four minutes.

For framework-specific versions of the same setup: Astro, Next.js, Hugo, Eleventy, Webflow, Framer, and GitHub Pages.

More posts

← All posts