Results 1 to 9 of 9
  1. #1
    Join Date
    Jun 2004
    Posts
    2,852

    Hiding email addresses

    Hi,

    I have a client who is a professional bookkeeping association. They have hundreds of members email addresses listed. The members are complaining of spam. I need a way for the addresses to show up, but not be spammed, any questions?

    Thanks!
    Marc

  2. #2
    Join Date
    Nov 2004
    Location
    Toronto, Canada
    Posts
    163
    Here are a few ways to do it:

    The easiest would be to use name@[nospam]domain.com

    Another way is to make the email addresses a gif or jpg.

    The third would be to use java scripting - I remember reading something like that.

    There may be other ways, if anyone else wants to chime in with their .02 cents.
    PrimeHost Inc. - Canadian Web Hosting PrimeHost.ca - Canada's Prime Web Host
    █ Reliable Web Hosting for Business and Personal Websites on Canadian Servers

  3. #3
    Join Date
    May 2004
    Location
    Pflugerville, TX
    Posts
    11,222
    Set up a form that allows someone to email the members by selecting one from a drop down list. Match the value of the member chosen (perhaps something as simple as a small number) to a list within your form processor, which contains proper email addresses. Now, anyone can be accessed, but addresses cannot be harvested.

    Of course, you need a secure email script first, and some basic-intermediate programming knowhow. I recommend [email protected]
    Studio1337___̴ı̴̴̡̡̡ ̡͌l̡̡̡ ̡͌l̡*̡̡ ̴̡ı̴̴̡ ̡̡͡|̲̲̲͡͡͡ ̲▫̲͡ ̲̲̲͡͡π̲̲͡͡ ̲̲͡▫̲̲͡͡ ̲|̡̡̡ ̡ ̴̡ı̴̡̡ ̡͌l̡̡̡̡.__Web Design

  4. #4
    Join Date
    Nov 2001
    Location
    Vancouver
    Posts
    2,416
    Too late. If individual email addresses (not email addresses provided by the association) pointing to hundreds of different domains were on-line, and they are getting spam, they'll keep on getting spam forever and a day.

    True, you should do something about the current situation, even if it won't really make a dent on the spam they get now, nor will they understand that or be happy even if they do understand the situation.

    What you can do is turn their email addresses into character references. This won't fool all email harvesters but will fool most, at present eg.

    <a href="mailto:[email protected]">[email protected]</a> turns into:

    Code:
    <a href="ma&#x69;lt&#x6F;:&#x66;o&#x6F;@&#x62;ar&#x2E;&#x63;&#x6F;m">&#x66;o&#x6F;@&#x62;ar&#x2E;&#x63;&#x6F;m</a>
    EDIT: Silly forum software is mangling the code above, but believe me, it does function. The CMS software I develop uses this technique. No browser side javascript, and is simple to implement in most scripting languages (on the server).

    If you really need to absolutely keep emails from harvesting, an email form is the way to go. Links from members could take you to a pre-populated form. Good form design can be made resistant to scripts which try to exploit this approach through the use of one-off tokens. Perhaps a little more advanced than this topic and response requires.

    Paste the above into an HTML document and view it with your browser.
    Last edited by mwatkins; 10-12-2006 at 01:29 AM.
    “Even those who arrange and design shrubberies are under
    considerable economic stress at this period in history.”

  5. #5
    Join Date
    Sep 2006
    Location
    richmond / heidelberg
    Posts
    10
    Quote Originally Posted by HostHere
    I have a client who is a professional bookkeeping association. They have hundreds of members email addresses listed. The members are complaining of spam. I need a way for the addresses to show up, but not be spammed, any questions?
    The only way I know of to display an email address on a page and have it clickable, while at the same time providing a certain level of protection from spammers gobbling up the addresses, is through the use of JavaScript.

    Here's one: Enkoder, there's most likely many more. I use the Enkoder app for Mac OS X and have been lucky so far - no addresses displayed on my site have been spammed (yet).

    Just keep in mind that this whole "displaying email addresses on a website" thing is a perpetual cat and mouse game ... developer comes up with new way of encoding email address, spammer comes up with new harvester to scour the web and decode the JS used to protect your email address ... rinse and repeat. You might have to change the encoding from time to time.

    HTH

  6. #6
    Join Date
    May 2004
    Location
    Pflugerville, TX
    Posts
    11,222
    The problem with JavaScript solutions is they can hide the content from human visitors as well as bots! JavaScript is an optional technology, and as much as I love scripting in JavaScript, it is unwise to use it to obfuscate markup in any way. VERY unwise.
    Studio1337___̴ı̴̴̡̡̡ ̡͌l̡̡̡ ̡͌l̡*̡̡ ̴̡ı̴̴̡ ̡̡͡|̲̲̲͡͡͡ ̲▫̲͡ ̲̲̲͡͡π̲̲͡͡ ̲̲͡▫̲̲͡͡ ̲|̡̡̡ ̡ ̴̡ı̴̡̡ ̡͌l̡̡̡̡.__Web Design

  7. #7
    Join Date
    Sep 2006
    Location
    richmond / heidelberg
    Posts
    10
    Quote Originally Posted by the_pm
    ..., it is unwise to use it to obfuscate markup in any way. VERY unwise.
    Yes and no.

    I'm sure I'm not telling anyone anything they've never heard before when I say: "It depends". Depends on:
    • Who is the target audience?
    • What is the purpose of the site?

    To speak in broad terms ... a site geared towards a very broad target audience like yahoo, for example requires an entirely different set of client-side benchmarks than, let's say, a corporate site for a design studio.

    In an ideal world we'd all be all be adhering to web standards all the time, in any situation. But we don't live in a such a world and at least for the foreseeable future, the nature of most interactive projects will remain very similar ... "you gotta die at least one death in each and every project".

    But I most definitely agree with the sentiment that markup shouldn't be obfuscated if there's even the slightest chance of achieving the same goal with "standard-compliant" means.


  8. #8
    Join Date
    May 2004
    Location
    Pflugerville, TX
    Posts
    11,222
    It's not really a matter of standards compliance so much as it is a matter of accessibility. JavaScript is perfectly compliant (assuming you're using scripting techniques that conform to ECMA specifications, but that's hardly ever an issue). Unless you have control over the user environments in which viewing will take place (such as in a tightly controlled corporate network, or through kiosks, etc.), you cannot predict who within your audience may be browsing with JavaScript disabled or not available. It's an optional technology, and it is ill-advised to use optional technology to serve up critical content, such as a means for contacting someone.

    The simple truth is that there is no reliable (in terms of visitor use) and safe (in terms of spam harvesting) way to put your email address on a page for visitors to see. The only way to prevent getting harvested or slow the propagation of your email address once you've been harvested is to create a means for email communication that does not expose your address, either in print within your page's content or within a hidden field in your markup.

    Actually effgee, you might find this interesting! A small group of us are in the midst of testing search engines with different gibberish words to see what means of serving content can and cannot be detected by search engines. Here's the list of test "words" - http://www.paulhirsch.com/se_test.html - and the key that explains what's being presented within each entry - http://www.paulhirsch.com/key.html

    I think it would be great fun to put together a page that posts email addresses to a throwaway domain, and see how long it take each method to get picked up by bots by checking those addresses periodically for spam and charting dates of first receipt and volume. Wouldn't that be neat to see!
    Studio1337___̴ı̴̴̡̡̡ ̡͌l̡̡̡ ̡͌l̡*̡̡ ̴̡ı̴̴̡ ̡̡͡|̲̲̲͡͡͡ ̲▫̲͡ ̲̲̲͡͡π̲̲͡͡ ̲̲͡▫̲̲͡͡ ̲|̡̡̡ ̡ ̴̡ı̴̡̡ ̡͌l̡̡̡̡.__Web Design

  9. #9
    Hi,

    The best and simple way may be to encode the content of the webpage. When someone use software to search for email address, the software only see some strange codes and cannot reconize the email addresses.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •