SitePoint Sponsor

User Tag List

Results 1 to 17 of 17
  1. #1
    SitePoint Zealot Bootfit's Avatar
    Join Date
    Jun 2005
    Location
    Liverpool, UK
    Posts
    149
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Anti-Email-Gathering script...

    I've been told there is a script around that stops automated scripts trawling through your site and gathering email addresses - has anyone else heard of this anti-script? Is it a common enough script and whats it called?

    Cheers all

  2. #2
    SitePoint Guru Rob_D's Avatar
    Join Date
    Oct 2006
    Location
    UK
    Posts
    882
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    One way to do this is:
    Code:
    Email: <script language="JavaScript" type="text/javascript">
    document.write('<a href="mailto:some.body' + '@' + 'domain.com'>' + 'Some Body</a>');
    </script>
    This breaks up the email address. Only problem is that any one who has JavaScript switched off will not be able to see the email address.

    Can anyone suggest a better method? Maybe a form with an email address that resides on the server perhaps?

    With all this spam around email is becomming a real PITA. This is old technology now - I wonder what alternative method will be devised to replace it while maintaining functionality.

  3. #3
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Location
    DK
    Posts
    59
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I once write this function:

    Code:
    function eDB(emailCode)
    {
    	var emailDatabase=new Array(
    	"w*webmaster@xyz.xyz",
    	"m*meh@xyz.xyz",
    	"c*cmh@xyz.xyz",
    	"s*suh@xyz.xyz",
    	"d*dobby@xyz.xyz"
    	);
    	
    	var i;
    	var tempData = new Array();
    	var eMail = "";
    	
    	for (i=0,j=emailDatabase.length;i<j;i++)
    	{
    		tempData=emailDatabase[i].split("*");
    		
    		if (emailCode==tempData[0])
    		{
    			eMail=tempData[1];
    		}
    	}
    	window.location.href("mailto:"+eMail);	
    }
    Use it in the HTML this way:
    HTML Code:
    <a href="javascript: eDB('w')" title="Contact webmaster">Contact webmaster</a>
    Drawback: Visitors with JS turned off cannot use the link. I don't know how to solve this problem... maybe some kind of serverside scripting which I have no knowledge about...

    Today I would make it something like putting the words "Contact webmaster" into a <span> with a ID and make an click event to handle it. The script would then (without the code making the event) be something like this:
    Code:
    window.location.href("mailto:webmaster@xyz.xyz");
    Michael

  4. #4
    SitePoint Guru Rob_D's Avatar
    Join Date
    Oct 2006
    Location
    UK
    Posts
    882
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by hegelund View Post
    Today I would make it something like putting the words "Contact webmaster" into a <span> with a ID and make an click event to handle it. The script would then (without the code making the event) be something like this:
    Code:
    window.location.href("mailto:webmaster@xyz.xyz");
    Michael
    But that wouldn't stop automated scripts trawling through your site and gathering that email address would it?
    It has yet to be proven that intelligence has any survival value.
    Arthur C. Clarke

  5. #5
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Location
    DK
    Posts
    59
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    As far as I know the spambots cannot read scripts, only HTML code. And you should, of course, place the script in an external js-file.

    Michael

  6. #6
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Location
    DK
    Posts
    59
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well, after a little thinking: You could dim the e-mail adress by deviding it into several parts added together, e.g. "webmaster"+"@"+"xyz"+".xyz".

    I just searched with Google after +avoid +spambots. This search gave me 178,000 links... Try it! Lots of suggestions about fooling spambots etc.

    Michael
    Last edited by hegelund; Dec 20, 2006 at 12:25. Reason: Forgot e-mail notification...

  7. #7
    SitePoint Guru
    Join Date
    Jun 2006
    Posts
    638
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Rob_D View Post
    One way to do this is:
    Code:
    Email: <script language="JavaScript" type="text/javascript">
    document.write('<a href="mailto:some.body' + '@' + 'domain.com'>' + 'Some Body</a>');
    </script>
    This breaks up the email address. Only problem is that any one who has JavaScript switched off will not be able to see the email address.
    That won't stop anyone... to get your emails users will make a script to automatically crawl your site. Those scripts don't support JS, and you need extra work to get them to.

    So what you need to do to make sure, is wither:
    a) don't show the emails.
    b) make a server script to put some images with crooked text instead of the email text.

    If the email is in the HTML when it's loaded from the server, you can be 100% sure someone can make a script to get them all.

  8. #8
    SitePoint Guru Rob_D's Avatar
    Join Date
    Oct 2006
    Location
    UK
    Posts
    882
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Vali View Post
    That won't stop anyone... to get your emails users will make a script to automatically crawl your site. Those scripts don't support JS, and you need extra work to get them to.
    I'm not sure what you mean. I thought trawlers look for patterns to get email addresses. If you break up the email addresses enough using JavaScript then they won't get trawled, right?
    It has yet to be proven that intelligence has any survival value.
    Arthur C. Clarke

  9. #9
    Worship the Krome kromey's Avatar
    Join Date
    Sep 2006
    Location
    Fairbanks, AK
    Posts
    1,621
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Here's what I do, and the e-mails I've protected with this method have yet to get harvested (judging by the amount of spam they receive - none!):
    HTML Code:
    <a href="mailto&#58;user&#64;domain&#46;com">E-mail me!</a>
    Since these bots crawl the source code looking for things like "mailto:jim@bob.com" or even just "jim@bob.com", obfuscating it by encoding the characters this way stops these bots from finding these addresses. This also has the huge advantage of still being available to users who may have JavaScript disabled for whatever reason, and avoids the usability issues with using a script (screen readers and other assistive techs should be able to read these addresses just fine).

    You could even take it a step further and encode some or all of the other characters in the address as well, but I've never seen a need for this since it so far works flawlessly!
    PHP questions? RTFM
    MySQL questions? RTFM

  10. #10
    Who is Mr Blonde? Mr Blonde's Avatar
    Join Date
    Sep 2006
    Location
    Gold Coast, QLD
    Posts
    359
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I use this tool to encrypt my email addresses and store them in an external .js file. Its worked pretty well so far...
    Heavens Rejects : Online Clothing Store
    Alternative Clothing : Mr Blonde
    Front end development : By the Webfella

  11. #11
    SitePoint Guru Rob_D's Avatar
    Join Date
    Oct 2006
    Location
    UK
    Posts
    882
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by kromey View Post
    HTML Code:
    <a href="mailto:user@domain.com">E-mail me!</a>
    Since these bots crawl the source code looking for things like "mailto:jim@bob.com" or even just "jim@bob.com", obfuscating it by encoding the characters...
    Can't see the encoding! Maybe a forum thing...

    Can you post an image?
    It has yet to be proven that intelligence has any survival value.
    Arthur C. Clarke

  12. #12
    SitePoint Addict
    Join Date
    Oct 2006
    Posts
    210
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by kromey View Post
    Here's what I do, and the e-mails I've protected with this method have yet to get harvested (judging by the amount of spam they receive - none!):
    HTML Code:
    <a href="mailto:user@domain.com">E-mail me!</a>
    For the confused readers that haven't looked at the source for the A element above, here it is:

    Code:
    <a href="mailto& #58;user& #64;domain& #46;com">E-mail me!</a>
    OK, so I can't get the code to post correctly either . The objective is to use decimal based HTML entities for some of the characters. For the code above, I had to add a space after the & characters. Just remove the spaces and the entities will work.

    Kromey, this is a great idea. I'd heard of this before and lately I have been looking to rediscover it for a few personal web sites I'm working on. Thanks for the reminder!

  13. #13
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Best way is to use a contact form with a form2mail script that adds the email address after the form is submitted. That way there isn't even an obfuscated version of the email address on the page for the spambots to even attempt to read. Many of the latest ones can read the Javascript to attempt to extract the email addresses from there since the spammers don't like people hiding the email addresses from them.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  14. #14
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Location
    DK
    Posts
    59
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Mr Blonde View Post
    I use this tool to encrypt my email addresses and store them in an external .js file. Its worked pretty well so far...
    Interesting link!

    Michael

  15. #15
    SitePoint Addict mmanders's Avatar
    Join Date
    Jul 2006
    Location
    Edinburgh, Scotland
    Posts
    358
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The form2mail idea is a popular one, and could well get around the problem. Unfortunately a lot of companies (at least those in the UK) are legally requried to put in their site, a contact email address, a registered company number, a registered company address etc. This information doesn't have to be on every page, but it must be easily available to a visitor. So for all the UK registered companies out there, I would suggest the encoded characters route so as not to get fall foul of the law.

  16. #16
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    An image containing the email address would be more accessible and less likely to have the address captured by spammers. Just don't make it a link and don't put the address in the alt attribute. You could then put that on the page with your contact form.

    Since using Javascript to obfuscate the address is less accessible for people with disabilities than the image would be you are less likely to run into problems with disabled people being able to contact you if you do it that way.

    Surely the UK law doesn't require that you tell the spammers where to send their spam?
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  17. #17
    SitePoint Member
    Join Date
    Dec 2006
    Location
    France
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Thumbs up Great :)

    Thanks for these posts ! I'll use the HTML code...


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •