homepage Welcome to WebmasterWorld Guest from 54.237.184.242
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
Forum Library, Charter, Moderator: open

JavaScript and AJAX Forum

    
encrypting "mailto" in javascript
avoiding e-mail harvesters/spam
mossimo




msg:1478730
 8:44 am on Jun 27, 2003 (gmt 0)

Can any one think of any valid reasons why using JavaScript encryption of mailto links is not a good idea, Other than people with javascript turned off.

The idea of course is to avoid e-mail harvesters/spam. I am using the following on line tool to encrypt my links.

[hiveware.com ]

If you know off a better way to accomplish this let us know.

 

waldemar




msg:1478731
 9:44 am on Jun 27, 2003 (gmt 0)

- Use a Formmailer with the email address hidden in the server script
- If you can abandon the mailto-functionality use an image to just display the address (I guess it will take a while until a harvester patter recognizes/OCRs all images... :-) )

mossimo




msg:1478732
 10:56 am on Jun 27, 2003 (gmt 0)

By form mailer I assume you mean something like aspmail
In witch case the mail address appears in the hidden form field like so

<input type=hidden name="addressto" size=40 value="whatever@mydomain.com">

Are you saying harvesters can't extract an address from a hidden form field?

Dreamquick




msg:1478733
 11:03 am on Jun 27, 2003 (gmt 0)

mossimo,

I think by
server script
waldemar meant that you put your email address in the code that the server runs - this way it's not exposed on the web at any point and by definition cannot be harvested.

- Tony

Hagstrom




msg:1478734
 11:08 am on Jun 27, 2003 (gmt 0)

Can any one think of any valid reasons why using JavaScript encryption of mailto links is not a good idea, Other than people with javascript turned off.

I added this little code to my page:

<script type="text/JavaScript"> var n='webmaster'; var d='mysite.com';
document.write('<a href=\"mailto:' + n + '@' + d + '\">');</script>
webmaster &#40;&#64;&#41; mysite.com
<script type="text/JavaScript"> document.write('<\/a>');</script>

But I was still getting SPAM sent to webmaster@mysite.com. After a while it dawned on me that they are not only harvesting email-addresses - they are also making them, by prefixing "webmaster", "sales" etc. to my domain name.

waldemar




msg:1478735
 11:13 am on Jun 27, 2003 (gmt 0)

In witch case the mail address appears in the hidden form field [...]

nono, of course this way the harvester still gets the address. The idea is to "hardcode" the address into the form mailer processing script itself (some examples here [simplythebest.net...] If you are already running such a script, remove the hidden field and check the script for a line with the mail command containing the parameter "From:". You should find a variable with the value from your hidden field there. Just replace it with the real e-mail-address, so the client (browser/harvester) will never see it.

mossimo




msg:1478736
 11:55 am on Jun 27, 2003 (gmt 0)

I see now.

The address is hard coded in the send part of the script witch is sitting in a folder that has "script execute" permission only no public access.

I believe with this level of permission the folder and its contents should be invisible to any outside party’s man or machine.

g1smd




msg:1478737
 10:57 pm on Jun 27, 2003 (gmt 0)

Related thread: [webmasterworld.com...] which also links to more.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved