Showing email address on blog
-
Todd Smith wrote:
-Encode the address so a bot will not find it "myemail at somewhere dot com"
People have been using that kind of thing for so many years now that I would be suprised if bots are not already looking for that kind of format and decoding it. It is trivial to parse out formats like:
me-at-someplace-dot-com
me(@)someplace.com
me(AT)someplace(DOT)com
etc.Todd Smith wrote:
-Use a clickable image and compose the email link dynamically
A better idea - just be sure that the "dynamic" part is followed - the server should accept the input and return the
mailto:link, not simply having the image's URL target be themailto:link - remember that bots generally scan the raw HTML, but do not render it. [Edit: Then again, a bot will generally follow links so that it can crawl a site, so it could still recognize the retuned link if it was smart enough... Ah, dammit - there I go again giving the bot-writers good ideas... :doh: :omg:] Generally, I have found that if someone wants to email me bad enough, I can simply give them an image with my email address on it and they will type it in by hand. Peace! -- modified at 14:07 Thursday 11th January, 2007-=- James
Please rate this message - let me know if I helped or not! * * *If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong!
Avoid driving a vehicle taller than you and remember that Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road!
See DeleteFXPFilesYes..I always thought that the spam bots must smart enough to decode things like me-at-someplace.com Good idea..:)
Time flies like an arrow; Fruit flies like a banana. Ashish Derhgawen - http://ashishrd.blogspot.com[^]
-
Hey guys, I was wondering..what could be the safest way to let people email me from my blog? I'm really scared of spam mail..any ideas? Ashish :)
Time flies like an arrow; Fruit flies like a banana. Ashish Derhgawen - http://ashishrd.blogspot.com[^]
i use this:
...some luverly HTMLio... <!-- var name = "my\_name"; var domain = "my\_domain.com"; var linktext = "email"; var subject = "email subject"; document.write('< a href=\\"mailto:' + name + '@' + domain + '?subject=' + subject + '\\">'); document.write(linktext + '< /a>'); //--> ...some more luverly HTMLio...(remove spaces at the start and close of the HREF tag) -- modified at 13:59 Thursday 11th January, 2007
image processing toolkits | batch image processing | blogging
-
i use this:
...some luverly HTMLio... <!-- var name = "my\_name"; var domain = "my\_domain.com"; var linktext = "email"; var subject = "email subject"; document.write('< a href=\\"mailto:' + name + '@' + domain + '?subject=' + subject + '\\">'); document.write(linktext + '< /a>'); //--> ...some more luverly HTMLio...(remove spaces at the start and close of the HREF tag) -- modified at 13:59 Thursday 11th January, 2007
image processing toolkits | batch image processing | blogging
Sounds like a good idea to me. I don't think the bots will ever be able to guess the actual email address this way. Ashish
Time flies like an arrow; Fruit flies like a banana. Ashish Derhgawen - http://ashishrd.blogspot.com[^]
-
Todd Smith wrote:
-Encode the address so a bot will not find it "myemail at somewhere dot com"
People have been using that kind of thing for so many years now that I would be suprised if bots are not already looking for that kind of format and decoding it. It is trivial to parse out formats like:
me-at-someplace-dot-com
me(@)someplace.com
me(AT)someplace(DOT)com
etc.Todd Smith wrote:
-Use a clickable image and compose the email link dynamically
A better idea - just be sure that the "dynamic" part is followed - the server should accept the input and return the
mailto:link, not simply having the image's URL target be themailto:link - remember that bots generally scan the raw HTML, but do not render it. [Edit: Then again, a bot will generally follow links so that it can crawl a site, so it could still recognize the retuned link if it was smart enough... Ah, dammit - there I go again giving the bot-writers good ideas... :doh: :omg:] Generally, I have found that if someone wants to email me bad enough, I can simply give them an image with my email address on it and they will type it in by hand. Peace! -- modified at 14:07 Thursday 11th January, 2007-=- James
Please rate this message - let me know if I helped or not! * * *If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong!
Avoid driving a vehicle taller than you and remember that Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road!
See DeleteFXPFilesJames R. Twine wrote:
Generally, I have found that if someone wants to email me bad enough, I can simply give them an image with my email address on it and they will type it in by hand.
The other, and IMO less irritating method to the user is to require the user put SomeWord in the subject header and have the mail servers spam filters reject all emails with out that in the subject. Click the link, copy/paste into the subject.
-- Rules of thumb should not be taken for the whole hand.
-
i use this:
...some luverly HTMLio... <!-- var name = "my\_name"; var domain = "my\_domain.com"; var linktext = "email"; var subject = "email subject"; document.write('< a href=\\"mailto:' + name + '@' + domain + '?subject=' + subject + '\\">'); document.write(linktext + '< /a>'); //--> ...some more luverly HTMLio...(remove spaces at the start and close of the HREF tag) -- modified at 13:59 Thursday 11th January, 2007
image processing toolkits | batch image processing | blogging
Okay..I'm trying your technique on a test mail address. If the results are good..I'll use my default email address. :D Ashish
Time flies like an arrow; Fruit flies like a banana. Ashish Derhgawen - http://ashishrd.blogspot.com[^]
-
i use this:
...some luverly HTMLio... <!-- var name = "my\_name"; var domain = "my\_domain.com"; var linktext = "email"; var subject = "email subject"; document.write('< a href=\\"mailto:' + name + '@' + domain + '?subject=' + subject + '\\">'); document.write(linktext + '< /a>'); //--> ...some more luverly HTMLio...(remove spaces at the start and close of the HREF tag) -- modified at 13:59 Thursday 11th January, 2007
image processing toolkits | batch image processing | blogging
I've used this approach before. As far as I could tell, it was never exploited.
"Approved Workmen Are Not Ashamed" - 2 Timothy 2:15
"Judge not by the eye but by the heart." - Native American Proverb
-
I've used this approach before. As far as I could tell, it was never exploited.
"Approved Workmen Are Not Ashamed" - 2 Timothy 2:15
"Judge not by the eye but by the heart." - Native American Proverb
I just hope spam bot makers are not watching this conversation :~ Ashish
Time flies like an arrow; Fruit flies like a banana. Ashish Derhgawen - http://ashishrd.blogspot.com[^]
-
I just hope spam bot makers are not watching this conversation :~ Ashish
Time flies like an arrow; Fruit flies like a banana. Ashish Derhgawen - http://ashishrd.blogspot.com[^]
well, i got the JS off the net, somewhere myself. you can certainly do some tweaking to the script itself, to disguise it from any bots looking for that particular script...
image processing toolkits | batch image processing | blogging
-
i use this:
...some luverly HTMLio... <!-- var name = "my\_name"; var domain = "my\_domain.com"; var linktext = "email"; var subject = "email subject"; document.write('< a href=\\"mailto:' + name + '@' + domain + '?subject=' + subject + '\\">'); document.write(linktext + '< /a>'); //--> ...some more luverly HTMLio...(remove spaces at the start and close of the HREF tag) -- modified at 13:59 Thursday 11th January, 2007
image processing toolkits | batch image processing | blogging
Wouldn't a bot using a screen scraper (which has the ability to run javascript) still get the same results?
Rocky <>< Latest Code Blog Post: SQL Server Express Warnings & Tips Latest Tech Blog Post: Microsoft doing it again!
-
Wouldn't a bot using a screen scraper (which has the ability to run javascript) still get the same results?
Rocky <>< Latest Code Blog Post: SQL Server Express Warnings & Tips Latest Tech Blog Post: Microsoft doing it again!
-
James R. Twine wrote:
Generally, I have found that if someone wants to email me bad enough, I can simply give them an image with my email address on it and they will type it in by hand.
The other, and IMO less irritating method to the user is to require the user put SomeWord in the subject header and have the mail servers spam filters reject all emails with out that in the subject. Click the link, copy/paste into the subject.
-- Rules of thumb should not be taken for the whole hand.
Good idea! But it is easy only if you operate your own domain names and/or can create multiple email addresses for yourself. Peace!
-=- James
Please rate this message - let me know if I helped or not! * * *If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong!
Avoid driving a vehicle taller than you and remember that Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road!
See DeleteFXPFiles -
Hey guys, I was wondering..what could be the safest way to let people email me from my blog? I'm really scared of spam mail..any ideas? Ashish :)
Time flies like an arrow; Fruit flies like a banana. Ashish Derhgawen - http://ashishrd.blogspot.com[^]
Try this spam me not[^] There are a few of these around but what I like about this one is that it has a random-mixed encoding mode. That is it mixes hex and decimal encoding at random places in the encoding so even the same input string will result in different encodings. I usually add an additional precaution of adding an extra zero or two on the "@", "." and "com" encodings. :wtf: That is I replace x40 ==> x040 or x000040 64 ==> 064 or 00064 x2e ==> x002e or x0002e 46 ==> 046 or 000046 Mix them up so there is no predictable pattern. There is a limit to the number of preceding zeros but I don't remember exactly what it is. :-O You can do some tests to find the limit. If you just stick with up to 4 leading zeros and mix them up it should be OK. :cool: Not entirely necessary but it will usually fool the script kiddies but not necessarily MI6. :doh:
I'm on-line therefore I am. JimmyRopes
-
Try this spam me not[^] There are a few of these around but what I like about this one is that it has a random-mixed encoding mode. That is it mixes hex and decimal encoding at random places in the encoding so even the same input string will result in different encodings. I usually add an additional precaution of adding an extra zero or two on the "@", "." and "com" encodings. :wtf: That is I replace x40 ==> x040 or x000040 64 ==> 064 or 00064 x2e ==> x002e or x0002e 46 ==> 046 or 000046 Mix them up so there is no predictable pattern. There is a limit to the number of preceding zeros but I don't remember exactly what it is. :-O You can do some tests to find the limit. If you just stick with up to 4 leading zeros and mix them up it should be OK. :cool: Not entirely necessary but it will usually fool the script kiddies but not necessarily MI6. :doh:
I'm on-line therefore I am. JimmyRopes
Awesome!
Time flies like an arrow; Fruit flies like a banana. Ashish Derhgawen - http://ashishrd.blogspot.com[^]
-
Awesome!
Time flies like an arrow; Fruit flies like a banana. Ashish Derhgawen - http://ashishrd.blogspot.com[^]
One caution with using mailto: If the person needing to send email does not have an email client set up on their machine (i.e. outlook express with a mail account set up) they will not be able to use the link because there is no email client to process the email on their machine. An example of this is the person who uses gmail, yahoo, hotmail, etc. I usually offer multiple ways to send email, one of which is that they can type the email address – encoded on the web site of course - into their web mail client. Typically I will set up a form where they select from a predefined drop down list, if there are more than one potential recipients, who to send the email to. customer_support@, technical_support@, sales@, webmaster@, etc. I also provide a drop down selection of predefined subjects. General Inquiry, Billing Question, Comments, etc. I provide a place for the message and send it via a server side script using the servers email service. I provide a place for an email address to be entered and if they do not enter one I inform them that it is required, or, if optional, that they will not receive a reply if there is none supplied. This gives them an option of sending a comment anonymously. In practice I usually require an email address but have been known to solicit anonymous comments for clients who wanted it that way. The one drawback to this approach is that they can enter a false, well formed, email address but in my experience that is not a problem. People who take the time to fill out a form are usually legitimate. I will email you the URLs of some sites I have developed that demonstrate what I am talking about but cannot post the URLs here because these are commercial sites and it would be advertising. If you are interested after you see the examples I can show you the code in the web development forum.
I'm on-line therefore I am. JimmyRopes