How to stop spammers from getting the email address from a mailto link? [duplicate]
Asked Answered
B

7

6

Duplicate:


What is the best way to prevent spammers from getting the email address from your mailto links? I'm under the impression that javascript could be a solution. I don't know if my current solution is fool proof, so that's why I'm asking.

Here's what I'm currently doing:

<script language="JavaScript"><!--
var name = "emailusername";
var domain = "yahoo.com";
var text = "[email protected]";
document.write('<a href=\"mailto:' + name + '@' + domain + '\">');
document.write(text + '</a>');
// --></script>

Is there is a better way? I don't like having to have this chunk of code everywhere I want to put a mailto link.

Biome answered 20/4, 2009 at 20:14 Comment(0)
H
2

Javascript helps, but this won't help much. The email address is still visible in the html source using this type of script.

The "best" options use client-side javascript to "build" the email address out of parts, so the entire email address is never visible in the HTML source in one piece. The browser puts it together for you on the client.

Example:

<script language="JavaScript"><!--
var name = "emailusername";
var domain = "yahoo.com";
document.write('<a href=\"mailto:' + name + '@' + domain + '\">');
document.write(name + '@' + domain + '</a>');
// --></script>
Hackworth answered 20/4, 2009 at 20:16 Comment(0)
F
1

A simple fix:

<script language="JavaScript"><!--
var name = "emailusername";
var domain = "yahoo.com";
document.write('<a href=\"mailto:' + name + '@' + domain + '\">');
document.write(name + '@' + domain + '</a>');
// --></script>

Which basically is the same as Reed suggests but with you existing code.

Forgave answered 20/4, 2009 at 20:19 Comment(1)
I added this example in reed answer.Skilling
C
0

That's not even remotely a good way. Spammers will grab the whole thing and match addresses with a regex. They won't bother looking for mailto:. Also, any scheme you can think of with Javascript has already been tought of and countered by the spammer. In fact, they'll probably just be able to run the javascript and get the adress.

You can

A) Filter spam
B) Use a form to submit mail (Which the spammers will still probably use.)

Castellan answered 20/4, 2009 at 20:17 Comment(0)
S
0

You're on the right track, but having emailusername in there sort of defeats the purpose (most spider bots don't bother to make the distinction between HTML and script code, and just look for anything that appears email-like on the page).

I have heard of evidence that some spider bots have the capability to run Javascript now, and will resolve this sort of obfuscation all by themselves.

Southwesterly answered 20/4, 2009 at 20:19 Comment(0)
D
0

There's no 110% surefire way of preventing that, apart from dumb tricks that just hinder the use of email, like putting all email addresses as images etc.

At least personally I've accepted that the addresses will get harvested at least to some degree. I use this little php-function to html-encode all email addresses. That way they'll be perfectly usable by all real browsers, but fool the dumbest of harvesters. Like I said, it's not 110%, but I'm happy with it.

function turboencode($s){
    $tempstr = "";
    for($i = 0; $i < strlen($s); $i++){
        $c = substr($s, $i, 1);
        $tempstr .= "&#" . ord($c) . ";";
    }
    return $tempstr;
}
Dorothy answered 20/4, 2009 at 20:20 Comment(0)
T
0

The best way to prevent harvesting is to simply not have the mailto: link at all.

Short of that, there aren't many counters. Things like CSS content and images have been tried and circumvented, and JavaScript is a half-way non-solution (which is to say it doesn't work.)

One possible counter is obfuscation: Add nonsense to your address like this:

mailNO`at`SPAMyahoo`dot`com

And most automated harvesters will (initially) have some trouble detecting it. Alternatively, things like comments could be used to confuse most harvesters. (RFC822 describes the full syntax of email addresses, which includes comments as a part of the address-specification.)

Another counter is to use a form with a CAPTCHA of some sort.

None of them are fully effective.

Tensimeter answered 20/4, 2009 at 20:25 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.