Welcome to WebmasterWorld Guest from 54.144.243.34

Forum Moderators: open

encrypting "mailto" in javascript

avoiding e-mail harvesters/spam

   
8:44 am on Jun 27, 2003 (gmt 0)

10+ Year Member



Can any one think of any valid reasons why using JavaScript encryption of mailto links is not a good idea, Other than people with javascript turned off.

The idea of course is to avoid e-mail harvesters/spam. I am using the following on line tool to encrypt my links.

[hiveware.com ]

If you know off a better way to accomplish this let us know.

9:44 am on Jun 27, 2003 (gmt 0)

10+ Year Member



- Use a Formmailer with the email address hidden in the server script
- If you can abandon the mailto-functionality use an image to just display the address (I guess it will take a while until a harvester patter recognizes/OCRs all images... :-) )
10:56 am on Jun 27, 2003 (gmt 0)

10+ Year Member



By form mailer I assume you mean something like aspmail
In witch case the mail address appears in the hidden form field like so

<input type=hidden name="addressto" size=40 value="whatever@mydomain.com">

Are you saying harvesters can't extract an address from a hidden form field?

11:03 am on Jun 27, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



mossimo,

I think by

server script
waldemar meant that you put your email address in the code that the server runs - this way it's not exposed on the web at any point and by definition cannot be harvested.

- Tony

11:08 am on Jun 27, 2003 (gmt 0)

10+ Year Member



Can any one think of any valid reasons why using JavaScript encryption of mailto links is not a good idea, Other than people with javascript turned off.

I added this little code to my page:


<script type="text/JavaScript"> var n='webmaster'; var d='mysite.com';
document.write('<a href=\"mailto:' + n + '@' + d + '\">');</script>
webmaster &#40;&#64;&#41; mysite.com
<script type="text/JavaScript"> document.write('<\/a>');</script>

But I was still getting SPAM sent to webmaster@mysite.com. After a while it dawned on me that they are not only harvesting email-addresses - they are also making them, by prefixing "webmaster", "sales" etc. to my domain name.

11:13 am on Jun 27, 2003 (gmt 0)

10+ Year Member



In witch case the mail address appears in the hidden form field [...]

nono, of course this way the harvester still gets the address. The idea is to "hardcode" the address into the form mailer processing script itself (some examples here [simplythebest.net...] If you are already running such a script, remove the hidden field and check the script for a line with the mail command containing the parameter "From:". You should find a variable with the value from your hidden field there. Just replace it with the real e-mail-address, so the client (browser/harvester) will never see it.

11:55 am on Jun 27, 2003 (gmt 0)

10+ Year Member



I see now.

The address is hard coded in the send part of the script witch is sitting in a folder that has "script execute" permission only no public access.

I believe with this level of permission the folder and its contents should be invisible to any outside party’s man or machine.

10:57 pm on Jun 27, 2003 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Related thread: [webmasterworld.com...] which also links to more.
 

Featured Threads

My Threads

Hot Threads This Week

Hot Threads This Month