The spam bots are in fact getting the adress from (href="mailto:________")

Yeah, the source gets read too, of course. The simplest and most effective way around this is to use a mail form.

If you use Apache I suggest you have a look at "A Close to perfect .htaccess ban list [webmasterworld.com]" on banning spam bots.

But some countries require a valid email address on your site that must be easily accessable. Images and mail forms don´t suffice. And it doesn´t matter whether you have your server in that country. It´s about whether you target that country´s market by having content in the native language or displaying prices in that country´s currency.

I got a very simple ressource here that will wrap your mailto link into JavaScript. Most spam bots will not decipher this. The Mailto will appear as normal to Javascript enabled browsers but look like garbage for spam bots.

Go here, fill the simple form. and you get ready to cut and paste code for inclusion in your website. You can also downlowd a tiny and free Java program and run it from your hard drive. (bottom of page)

[hivelogic.com...]

Thanks everyone for your input and thank you MacGuru. I implemented the code from the site you recommended and it's working in all the browsers I care about. Hit the road spammers.

As a side note, I've got one site that I built from the ground up with anti-spamming in mind.

Forms only - But if users wanted a popup window that could give them a .gif image of the email address so that they could use their own email client, they could get it. NO text or anything that could be decoded.

Still I got spam. The only way I could think that they were getting the email addresses was by SE's or directories, and actually adding the addresses to their list by hand - without bots. (In fact, I even mentioned the reasons for doing the form or the .gif image as an anti-spam technique on the site itself). Did not matter. Still got junk mail. But it's a lot less than on other sites that did not have anti-spam techniques.

bobriggs,

Was that from "fresh" e-mail adresses?

Yes, fresh. There was never a domain there before.

Had to be humans scouting email addresses.

>>Had to be humans scouting email addresses.

Agreed. I recently tryied a new ISP. First thing I got after setting up the mail account was SPAM. I never published the adress anywhere. I though some insider had a sideline...

Any domain will get spam, whether the addresses are listed on a web page or not. As soon as it exists in the whois database, all the standard user names (webmaster¦info¦support¦service¦tech¦faq¦sales¦hr¦etc.) will be bombarded immediately.

Only if your user name was something extremely unusual, then you need to suspect human interaction (or a leak at your ISP/hoster).

This had to be human.

email address was only incoming, and only listed on the site through a gif image. None of the email addresses were ever used for outoing email.

I suspect that certain sectors are targeted, then searched thru SE's, and email addresses are collected. (by hand)

Also, this was not info@ or webmaster@, or any of the other usuals.

Most of the spam came from one source: Sorry, can't reveal it here because I have already had one post deleted on this issue because I did violate TOS. (Yes, I did violate TOS. I had one post deleted since mar 2001 - and none others edited that I know of - no big deal) The violation was quoting email (that I received) That's the rules; I can't complain - guilty. (I put it in Foo anyway)

The point is that there might be human elements out there collecting email addresses in certain sectors of the economy or internet. We all know that there are markets out there that employ cheap labor. Do we think that our email addresses are immune from this?