Results 1 to 22 of 22
  1. #1
    Join Date
    Mar 2002
    Posts
    238

    Protecting e-mail address from spam robots

    Some years ago, someone came up with using javascript to stop spam robots from being able to grab e-mail addresses off of a web page.

    The same tip is given all over the web, but as this solution is quite old, does anyone know if it's still effective against e-mail harvesting robots?

  2. #2
    Join Date
    Aug 2002
    Location
    London, UK
    Posts
    9,039
    youNOSPAM@domain.com is a classic way
    Matt Wallis
    United Communications Limited
    High Performance Shared & Reseller | Managed VPS Cloud | Managed Dedicated
    UK www.unitedhosting.co.uk | US www.unitedhosting.com | Since 1998.

  3. #3
    Join Date
    Mar 2002
    Posts
    238
    Originally posted by UH-Matt
    youNOSPAM@domain.com is a classic way
    If I were a bot maker, I'd have rigged it a looong time ago so that "nospam" was automatically removed from any e-mail address. Of course, any other added text will work as long as you include a note to remove it.

    But to make it easy on the visitor, using javascript to form the "mailto:mail@mail.com" link still seems like the best option. That is, as long as the bots haven't already been designed to be able to ferret out e-mail links encoded in this fashion. Which is what I'm wondering...half out of curiousity and half on whether I should bother doing this javascript form of e-mail link encoding myself.

  4. #4
    Join Date
    Dec 2001
    Location
    Netherlands
    Posts
    849
    encrypt your HTML

    .
    # experienced Cloud/OpenStack Architect
    #
    # Feel free to PM me for any info or help to build your cloud.

  5. #5
    Join Date
    Aug 2002
    Location
    London, UK
    Posts
    9,039
    If the visitor can view your email address link you can bet someones made a bot which can. How about using an image of your email address and not making it a hyperlink
    Matt Wallis
    United Communications Limited
    High Performance Shared & Reseller | Managed VPS Cloud | Managed Dedicated
    UK www.unitedhosting.co.uk | US www.unitedhosting.com | Since 1998.

  6. #6
    Join Date
    Aug 2002
    Location
    Baltimore, Maryland
    Posts
    580
    I made this java script that splits ur email address into different strings, then when you click on the link it will put them all back together for you; just email mr if you want a copy of it, or just search online for one, im sure someone else has thought of this idea too

  7. #7
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,092
    If you use PHP to encode the address, but enclose the result in a mailto tag, would the bots find and be able to use it?
    Kind of like this:
    Code:
    <?php
    function encode($s='')
    {
    $r = '';
    for($i=0;$i<strlen($s);$i++) $r .= sprintf('&#%d;',ord($s[$i]));
    
    return $r;
    }
    
    printf('<a href=mailto:');
    printf(encode('my@emailaddy.tld'));
    printf('>email me');
    printf('</a>')
    
    ?>
    Could they still harvest it?

  8. #8
    Join Date
    Sep 2002
    Posts
    268
    ^^

    no - php is server side - the bot reads the HTML that is produced by PHP.

    ' <a href=mailto:my@emailaddy.tld>email me</a> '

    is what is produced by your PHP and that is what would be read.

    an easy way to think about it is -
    >view>source
    that is what the bot will read.


  9. #9
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    1,284
    You can encode the mailto on the page using the codes for the chracters (ie #0109;#0097;#0105;#0108;#0116;#0111&#0058;
    is malto: and #0064; is @ and #0046; is .) You'll need a & before each #(not included here to get the numbers to display). This is pretty effective too. Often just encoding the '@' is enough. A good article on spam sourceing from spiders is below.

    http://www.itworldcanada.com/index.cfm/ci_id/18455.htm

    The other option is to have your contact link display the email address as a graphic.

    I have also found that accounts listed on webpages such as: admin, tech, support, sysadmin, sysop, webmaster, hostmaster, postmaster receive much less spam while regular addresses like jwuser@blah.tld will get it. I think most spam spiders must filter out domain 'admin type' addresses.

    As always YMMV.

    Edited for &
    Last edited by NyteOwl; 05-13-2003 at 03:16 PM.
    "Obsolesence is just a lack of imagination."

  10. #10
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,092
    Originally posted by OJI
    ^^

    no - php is server side - the bot reads the HTML that is produced by PHP.

    ' <a href=mailto:my@emailaddy.tld>email me</a> '

    is what is produced by your PHP and that is what would be read.

    an easy way to think about it is -
    >view>source
    that is what the bot will read.

    Umm, actually, the HTML produced does not read 'my@emailaddy.tld, but is encoded in the source, like this:
    Code:
    mailto:& # 105 ; & # 110 ; & # 102 ; & # 111 ; & # 64 ;
    spaces added to 'fool' vbulletin

    Would the bot be able to read this 'normally'?

  11. #11
    Join Date
    Aug 2002
    Location
    Louisiana
    Posts
    396
    this is what i do to get around it. usually on a web site you would do <a href="mailto:you@domain.com">you@domain.com</a>

    but i wrote this in like 3 seconds. put in any string and it gets html encoded

    but it renders correctly in a web browser, and spiders wont pick it up

    <a href="mailto:ENCODEDSTRING">ENCODEDSTRING</a>



    PHP Code:

    <script language javascript>

    function
    encode(f)
    {
        var 
    f.txt.value;
        var 
    res "";
        
        for(var 
    0s.lengthi++)
        {
            
    res += "&#" s.charCodeAt(i) + ";";
        }
        
        
    f.data.value res;
    }
    </script>

     

    <form name=info>
    <input type=text size=80 name=txt> :: insert text 2 encode

    <input type=text name = data size=120> :: result

    <input type = button value = encode onclick = 'encode(this.form)'>
    </form>

    <BR><BR><BR> 
    modiphy.com :: Phenomenal Web Design
    modiHost.com :: Affordable Web Hosting


  12. #12
    Join Date
    Aug 2001
    Location
    NE Ohio
    Posts
    502
    Use this website to encode email addresses on your website:
    http://www.wbwip.com/wbw/emailencoder.html
    Using the encoded email address in a mailto: will still work.

  13. #13
    Join Date
    Nov 2002
    Posts
    48
    El Nino,
    That's a great link.
    Malinda

  14. #14
    Join Date
    Feb 2002
    Posts
    3,729
    Originally posted by El Nino
    Use this website to encode email addresses on your website:
    http://www.wbwip.com/wbw/emailencoder.html
    Using the encoded email address in a mailto: will still work.
    I'm very sure bots have figured out a way to get around that..
    Have you Floble'd today?

  15. #15
    Join Date
    Oct 2000
    Posts
    1,113
    No. Thankfully not. Well that's according to an article I read a couple of days ago

  16. #16
    Try using images. This should prevent harvesting to a large extent.

    K Singh
    Pack Web Hosting
    http://packwebhosting.com
    Offer good support, at realistic prices.

  17. #17
    Here is a javascript that I use
    <script language="Javascript">
    <!--
    //this simple script by a1javascripts.com
    //please leave credit and instructions intact
    //simply enter your emailname and emailserver below
    //and copy and paste to entire script where you want it to show.
    emailname = "ACCOUNTNAME"
    emailserver = "DOMAIN.COM"
    //change the font face, color and size below
    document.write("<font face='Arial,Helvetica' size=-1>");
    document.write("<a href='mailto:" + emailname + "@" + emailserver + "'>");
    document.write("<font color='ff0000'>");
    document.write(emailname + "@" + emailserver);
    document.write("</a>");
    document.write("</font>");
    //-->
    </script>

  18. #18
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,092
    Originally posted by kreativ
    If I were a bot maker, I'd have rigged it a looong time ago so that "nospam" was automatically removed from any e-mail address.
    Hmm...maybe I should make the contact address for my site 'nospam@domain.tld'. Spambots remove 'nospam' and it gets nowhere...

  19. #19
    Why not just use a contact FORM instead of an e-mail address? Nothing to harvest there...
    I thank my Lord for all His wonderful blessings.

  20. #20
    Join Date
    Oct 2002
    Location
    UK
    Posts
    563
    Originally posted by El Nino
    Use this website to encode email addresses on your website:
    http://www.wbwip.com/wbw/emailencoder.html
    Using the encoded email address in a mailto: will still work.
    I've bookmarked this site... looks good!
    · Shared Hosting - Servers in the US and the UK
    · Reseller Plans - For ultimate reliability
    · WebAttention.net - Hosting made easy

  21. #21
    Join Date
    Sep 2002
    Location
    DC
    Posts
    291

    this will take care of it


  22. #22
    Join Date
    Oct 2000
    Posts
    1,113
    I don't fancy java encoders and therefor recommend the following encoder as it uses pure HTML (and it's free):

    NATATA Anti-Spam Encoder

    Does the same thing as the encoder El Nino posted a few replies back (http://www.wbwip.com/wbw/emailencoder.html)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •