homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque

Webmaster General Forum

Avoiding email harvesters

10+ Year Member

Msg#: 3797 posted 1:29 pm on Nov 3, 2003 (gmt 0)

Hi, I've a service where users need to post their addresses.
Currently I'm posting userId @ domain.com with " @ " and banned known ip/agents.
Another idea?



WebmasterWorld Senior Member 10+ Year Member

Msg#: 3797 posted 2:08 pm on Nov 3, 2003 (gmt 0)

If you keep them in linked plaintext then they will get harvested sooner or later, you can improve your odds a little by protecting clickable email addresses using e-mail entity encoding (google for it) so that it makes it harder for them to find addresses on the page.

I'd also suggest encoding parts of the "mailto:" prefix so that this doesn't become the weak part of the system...

Otherwise your best bet is to not show email addresses unless the user registers or deal with it the FriendsReunited does and don't actually expose the email addresses on the site but instead act as a trusted 3rd party which establishes communication between the two people.

- Tony


WebmasterWorld Administrator lorax us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

Msg#: 3797 posted 3:28 pm on Nov 3, 2003 (gmt 0)

If the purpose of the email addresses is to provide users a way to contact each other you could use a simple contact form. I had a similar situation and did this.

I made a clickable link to a contact form and passed a var that represents the targeted user. I don't let the user fill in a 'To:' so the form is useless to anyone that might try to utilize it as an open emailer. When the form is submitted the form handler does a lookup using the var I passed for the actual email address. It formats the email and sends it on.


10+ Year Member

Msg#: 3797 posted 1:03 am on Nov 4, 2003 (gmt 0)

dreamquick: encoding is a good idea, thanks.

lorax: I've a form, but still need a visible address, it's involved with trust in our service: only 0.05% use the form, they prefer own contact methods.
I think a good part will leave if I cut options.


WebmasterWorld Senior Member 10+ Year Member

Msg#: 3797 posted 2:00 am on Nov 4, 2003 (gmt 0)

I've been using this:

var username = "contact";
var hostname = "domain.com";
var linktext = username + "@" + hostname;
document.write("<a href=" + "mail" + "to:" + username +
"@" + hostname + ">" + linktext + "</a>")

Seems to work pretty well

Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved