SitePoint Sponsor

User Tag List

Results 1 to 12 of 12
  1. #1
    SitePoint Member
    Join Date
    Sep 2008
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Putting a 'safe' email address on a web page

    Spammers are the bane of the web. I have seen web sites that use this format (in an ordinary paragraph) such as: "Send email to tom at server.com"

    This would seem to confound a spammer but it is very inconvenient for the genuine visitor to the site. Is there a "fix" in HTML that blocks spammers without making life difficult for us others?

  2. #2
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,014
    Mentioned
    187 Post(s)
    Tagged
    2 Thread(s)
    IMHO it is better to not display your email address (or any other "too" personal information) online. I think a contact form, with adequate SPAM prevention safeguards in place, is better. Unless you are comfortable with your email's SPAM filtering, why risk it? Obfuscating your address from harvester bots is one thing, but once it gets on the lists, watch out.

  3. #3
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,785
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    At least with a contact form that adds the email address afterwards - when your spam safeguards are bypassed you can change the safeguards in the form and block spam again until the next time it gets bypassed. With an address in the page no matter how encoded, once a spammer gets it the address becomes worthless.

    Since some spammers employ people to examine web pages to find email addresses for them there is no form of in page email address that the spammmers can't get.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  4. #4
    #titanic {float:none} silver trophy
    molona's Avatar
    Join Date
    Feb 2005
    Location
    from Madrid to Heaven
    Posts
    8,175
    Mentioned
    233 Post(s)
    Tagged
    1 Thread(s)
    There are methods to obfuscate your e-mail address in order to make it a bit harder, such as using an image to show your address, or to write it as "example.at.example.com", and many others.

    Unfortunately, there is not a safe method and no way to do it . Whenever a new system is developed, the spammers find a way to break it.

    Agree with what said above. The safesest is to use a form and, probably, some kind of captcha. This will take some spam away, not all as some spam bots can already break that security.

    Still, some companies do need to put their e-mail address... then I would suggest to use a generic account and a good spam filter, because obfuscating only create problems for the users.

  5. #5
    SitePoint Enthusiast UglyDogDesigns's Avatar
    Join Date
    Sep 2008
    Location
    Colorado Springs, CO
    Posts
    44
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You can always do something like this...

    Code:
    <%
    eaddp1 = ""
    eaddp2 = ""
    eaddp3 = ""
    eadd = eaddp1 & &#64; & eaddp2 & "." & eaddp3
    %>
    
    <a href='mailto:" & eadd & "'>Email Us</a>
    Craig McGuire
    Current Design : UglyDogDesigns.com
    New Design: UglyDogDesigns.com

  6. #6
    #titanic {float:none} silver trophy
    molona's Avatar
    Join Date
    Feb 2005
    Location
    from Madrid to Heaven
    Posts
    8,175
    Mentioned
    233 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by UglyDogDesigns View Post
    You can always do something like this...

    Code:
    <&#37;
    eaddp1 = ""
    eaddp2 = ""
    eaddp3 = ""
    eadd = eaddp1 & @ & eaddp2 & "." & eaddp3
    %>
    
    <a href='mailto:" & eadd & "'>Email Us</a>
    That's what we call obfuscating the e-mail address... The result, in this case, will be as bad as simply writing your e-mail address directly. The reson being that your PHP page would be first interpreted by the server and then served to the browser. The result of that interpretation would be
    Code:
    <a href="mail@mail.com">Email Us</a>
    This is what the browser will see, and this is the HTML that it will render to the user, showing him the link.

    At least you tried, though, so keep it up

  7. #7
    SitePoint Enthusiast UglyDogDesigns's Avatar
    Join Date
    Sep 2008
    Location
    Colorado Springs, CO
    Posts
    44
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by molona View Post
    That's what we call obfuscating the e-mail address... The result, in this case, will be as bad as simply writing your e-mail address directly. The reson being that your PHP page would be first interpreted by the server and then served to the browser. The result of that interpretation would be
    Code:
    <a href="mail@mail.com">Email Us</a>
    This is what the browser will see, and this is the HTML that it will render to the user, showing him the link.

    At least you tried, though, so keep it up
    You are exactly right...Brainfart...If you use forms and use the technique I noted to set the to address then there is no address used till you submit it.
    Craig McGuire
    Current Design : UglyDogDesigns.com
    New Design: UglyDogDesigns.com

  8. #8
    SitePoint Enthusiast kabo0m's Avatar
    Join Date
    Jun 2005
    Location
    Canada
    Posts
    25
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question

    Okay well I just saw this thread and this topic is exactly what I am looking for answers on (forgot I was even signed up here lol).

    What I want to know is since

    Code:
    <&#37;
    eaddp1 = ""
    eaddp2 = ""
    eaddp3 = ""
    eadd = eaddp1 & @ & eaddp2 & "." & eaddp3
    %>
    
    <a href='mailto:" & eadd & "'>Email Us</a>
    or what I got

    Code:
    <script language="javascript"> 
    <!-- 
    var username = "mail"; 
    var hostname = "mail.com"; 
    var linktext = "Email Me"; 
    document.write("<a href=" + "mail" + "to:" + username + 
    "@" + hostname + ">" + linktext + "</a>") 
    //--> 
    </script>
    will not prevent spam (crap I use that too .. gotta change it)

    what about these 2 other methods I have been trying as well???

    Putting it as ancii like http://safeemail.org shows

    <a href="&#109;&#97;&#105;&#108;&#64;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;">&#101;&#109;&#97;&#105;&#108; &#109;&#101;!</a>

    or a recaptcha such as this? http://mailhide.recaptcha.net

    http://mailhide.recaptcha.net/d?k=01...hoDtSD15hbqg==

    Edit: Holy crap do you guys realize how hard it was to post that without putting links?? This is what the topic is about! I really don't want to spam just to get above 10 posts just to be able to ask this question to stop spam to my email .. geeze..
    Last edited by kabo0m; Feb 22, 2009 at 04:28. Reason: Had to edit just to show the code without the 10 post requirement preventing me and also wanting the forum not to convert
    Self-Taught Web-Designer (just know HTML)
    Site #1: SA Half-Life Gaming
    Site #2: Kidney Disease Site

  9. #9
    SitePoint Enthusiast
    Join Date
    Feb 2009
    Location
    London
    Posts
    25
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why not just use a form? no need for any addresses at all?
    ------------------------------------------------------
    uk shopping | sky+ hd
    ------------------------------------------------------

  10. #10
    SitePoint Enthusiast kabo0m's Avatar
    Join Date
    Jun 2005
    Location
    Canada
    Posts
    25
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by shop-bright View Post
    Why not just use a form? no need for any addresses at all?
    Actually I am now looking into that myself.. since I am a noob really .. any suggestions for a safe but easy to use form?

    I have used http://www.freedback.com/ before ..

    Edit:

    Okay I got a question .. regarding spammers and 'safe' email addresses on the net. If you use a form .. where can you get one when you don't know how to make one that is spammer proof??

    I know .. probably a stupid question and not surprised if it is impossible to get one for free unless you make it yourself .. but thought I would ask anyway. Thx.
    Last edited by kabo0m; Feb 21, 2009 at 18:14. Reason: Came back to ask more..
    Self-Taught Web-Designer (just know HTML)
    Site #1: SA Half-Life Gaming
    Site #2: Kidney Disease Site

  11. #11
    SitePoint Guru hgilbert's Avatar
    Join Date
    Dec 2004
    Location
    London
    Posts
    839
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Code JavaScript:
    window.onload = start;
     
    function start()    
    {
        emailChange();
    }
     
    function emailChange()
    {
        var oEmail=document.getElementById("lnkEmail");
        oEmail.innerHTML = "your-real-email@website.com";
        oEmail.setAttribute("href","your-real-email@website.com
    ");
    }

    Code HTML4Strict:
    <html>
    <head>
    <script type="text/javascript" src="scripts/email-change.js"></script>
    </head>
    <body>
    <a id="lnkEmail" href="mailto:another-email@website.com" title="Send us an Email">another-email@website.com
    </a>
     
    </body>
    </html>

    your spam free email will be: your-real-email@website.com

    your spammed email will be: another-email@website.com

    note: don't make another-email@website.com be something like NOSPAM@website.com

    just think of another email that is still inviting and accessible for those with javascript switched off.

    Then inspect that Spam riddled email from time to time for real messages.
    Although chances are you won't get any ... Only Spam!


  12. #12
    SitePoint Enthusiast kabo0m's Avatar
    Join Date
    Jun 2005
    Location
    Canada
    Posts
    25
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Oh wow nice! I have an email client that offers "disposable?" email addresses that I could use as the alternative email and yet still check so this is perfect! Thanks!

    Also I found this which is really cool if people don't want to use hgilbert's code exactly .. but nice I like it!

    That one is also better than anything else I have found online because I was just told this:

    all the javascript is useless vecause bots use aprint command now wich cancels anything that isnt in the code but still prints... the only thing that is secured in that sence is a code that sends a POST command to a cgi or pmp code (non readable) and then that php code or cgi has your email and handles the sendmail.
    Wow! I guess that would mean that even this site wouldn't be good enough:

    w2.syronex.com/jmr/safemailto/
    Last edited by kabo0m; Feb 22, 2009 at 16:41. Reason: Added more info and didn't want to double post
    Self-Taught Web-Designer (just know HTML)
    Site #1: SA Half-Life Gaming
    Site #2: Kidney Disease Site


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •