Welcome to WebmasterWorld Guest from 54.234.153.197

Forum Moderators: open

Message Too Old, No Replies

encrypting "mailto" in javascript

avoiding e-mail harvesters/spam

     
8:44 am on Jun 27, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 16, 2003
posts:110
votes: 0


Can any one think of any valid reasons why using JavaScript encryption of mailto links is not a good idea, Other than people with javascript turned off.

The idea of course is to avoid e-mail harvesters/spam. I am using the following on line tool to encrypt my links.

[hiveware.com ]

If you know off a better way to accomplish this let us know.

9:44 am on June 27, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 11, 2003
posts:198
votes: 0


- Use a Formmailer with the email address hidden in the server script
- If you can abandon the mailto-functionality use an image to just display the address (I guess it will take a while until a harvester patter recognizes/OCRs all images... :-) )
10:56 am on June 27, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 16, 2003
posts:110
votes: 0


By form mailer I assume you mean something like aspmail
In witch case the mail address appears in the hidden form field like so

<input type=hidden name="addressto" size=40 value="whatever@mydomain.com">

Are you saying harvesters can't extract an address from a hidden form field?

11:03 am on June 27, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 25, 2002
posts:872
votes: 0


mossimo,

I think by

server script
waldemar meant that you put your email address in the code that the server runs - this way it's not exposed on the web at any point and by definition cannot be harvested.

- Tony

11:08 am on June 27, 2003 (gmt 0)

Full Member

10+ Year Member

joined:Sept 12, 2002
posts:252
votes: 0


Can any one think of any valid reasons why using JavaScript encryption of mailto links is not a good idea, Other than people with javascript turned off.

I added this little code to my page:


<script type="text/JavaScript"> var n='webmaster'; var d='mysite.com';
document.write('<a href=\"mailto:' + n + '@' + d + '\">');</script>
webmaster &#40;&#64;&#41; mysite.com
<script type="text/JavaScript"> document.write('<\/a>');</script>

But I was still getting SPAM sent to webmaster@mysite.com. After a while it dawned on me that they are not only harvesting email-addresses - they are also making them, by prefixing "webmaster", "sales" etc. to my domain name.

11:13 am on June 27, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 11, 2003
posts:198
votes: 0


In witch case the mail address appears in the hidden form field [...]

nono, of course this way the harvester still gets the address. The idea is to "hardcode" the address into the form mailer processing script itself (some examples here [simplythebest.net...] If you are already running such a script, remove the hidden field and check the script for a line with the mail command containing the parameter "From:". You should find a variable with the value from your hidden field there. Just replace it with the real e-mail-address, so the client (browser/harvester) will never see it.

11:55 am on June 27, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 16, 2003
posts:110
votes: 0


I see now.

The address is hard coded in the send part of the script witch is sitting in a folder that has "script execute" permission only no public access.

I believe with this level of permission the folder and its contents should be invisible to any outside party’s man or machine.

10:57 pm on June 27, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:July 3, 2002
posts:18903
votes: 0


Related thread: [webmasterworld.com...] which also links to more.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members