encrypting "mailto" in javascript

Forum Moderators: open

Message Too Old, No Replies

encrypting "mailto" in javascript

avoiding e-mail harvesters/spam

mossimo

8:44 am on Jun 27, 2003 (gmt 0)

Can any one think of any valid reasons why using JavaScript encryption of mailto links is not a good idea, Other than people with javascript turned off.

The idea of course is to avoid e-mail harvesters/spam. I am using the following on line tool to encrypt my links.

[hiveware.com ]

If you know off a better way to accomplish this let us know.

waldemar

9:44 am on Jun 27, 2003 (gmt 0)

- Use a Formmailer with the email address hidden in the server script
- If you can abandon the mailto-functionality use an image to just display the address (I guess it will take a while until a harvester patter recognizes/OCRs all images... :-) )

mossimo

10:56 am on Jun 27, 2003 (gmt 0)

By form mailer I assume you mean something like aspmail
In witch case the mail address appears in the hidden form field like so

Are you saying harvesters can't extract an address from a hidden form field?

Dreamquick

11:03 am on Jun 27, 2003 (gmt 0)

mossimo,

I think by

server script

waldemar meant that you put your email address in the code that the server runs - this way it's not exposed on the web at any point and by definition cannot be harvested.

- Tony

Hagstrom

11:08 am on Jun 27, 2003 (gmt 0)

Can any one think of any valid reasons why using JavaScript encryption of mailto links is not a good idea, Other than people with javascript turned off.

I added this little code to my page:


<script type="text/JavaScript"> var n='webmaster'; var d='mysite.com'; 
document.write('<a href=\"mailto:' + n + '@' + d + '\">');</script> 
webmaster &#40;&#64;&#41; mysite.com 
<script type="text/JavaScript"> document.write('<\/a>');</script>

But I was still getting SPAM sent to webmaster@mysite.com. After a while it dawned on me that they are not only harvesting email-addresses - they are also making them, by prefixing "webmaster", "sales" etc. to my domain name.

waldemar

11:13 am on Jun 27, 2003 (gmt 0)

In witch case the mail address appears in the hidden form field [...]

nono, of course this way the harvester still gets the address. The idea is to "hardcode" the address into the form mailer processing script itself (some examples here [simplythebest.net...] If you are already running such a script, remove the hidden field and check the script for a line with the mail command containing the parameter "From:". You should find a variable with the value from your hidden field there. Just replace it with the real e-mail-address, so the client (browser/harvester) will never see it.

mossimo

11:55 am on Jun 27, 2003 (gmt 0)

I see now.

The address is hard coded in the send part of the script witch is sitting in a folder that has "script execute" permission only no public access.

I believe with this level of permission the folder and its contents should be invisible to any outside party�s man or machine.

g1smd

10:57 pm on Jun 27, 2003 (gmt 0)

Related thread: [webmasterworld.com...] which also links to more.