Obfuscating mailto:

Forum Moderators: phranque

Message Too Old, No Replies

Obfuscating mailto:

gtate

11:03 am on Dec 28, 2007 (gmt 0)

I'm trying to stop spammers culling email addresses via the 'mailto:' code on websites by converting them into hexadecimal values. I'm told this works for all but the most sophisticated spammers, but would appreciate any feedback on this. (in particular I see that when I click on 'view source' on the browser it displays the 'mailto:'address as text, not hexadecimal, so I wouldn't be surprised if the spammers have overtaken this method by now?)

I did try a Javascript program which hid the email address, but the problem was that it also hid the address from anyone whose browser had disabled J/script.

eelixduppy

6:16 pm on Dec 28, 2007 (gmt 0)

The best way around this is to not have a mailto in your HTML to begin with. A contact page is ideal for something like this, where a user fills out a form and submit it and the server-side technologies send the email to the correct place. There are many obfuscation methods for email address out there, but I don't find them particularly useful and just go with the contact page as I have described above.

gtate

6:38 pm on Dec 28, 2007 (gmt 0)

Hmmm, sounds like 1 - 0 to the spammers then. As someone who tries to make it as easy as possible for potential customers to contact my SMEs, the most used are the email address and the phone - not everyone wants to fill out a form, however simple.

rocknbil

7:33 pm on Dec 28, 2007 (gmt 0)

gtate there are a lot of *good* reasons to use a form instead of mailto.

Many people see it as "easy" which on the surface it is - but when they ask a question, how many inquiries are insufficient to allow you to give an intelligent answer? Does it tell anything about how they found you? Can you log any of their actions on your site to privately gather what parts of your site are effective?

With a form, you can prompt them answer the most important questions to intelligently answer their question. For example, "what product are you interested in?" instead of getting an email that says "Are these available in red?"

You can ask how you found us - a single marketing question will not offend. When they submit the form, you can log their IP address, and compare it with other entries of that IP address for that day to get a feel whether they actually looked at the site. You can gauge if your site needs navigational improvements. If they're asking "is this available in red?" and the product clearly displays red as an option, you have some presentation issues you thought were working that are not working.

The decision to remove mailto: is not just one that should be based on spam because "you have to." You should remove mailto and replace with forms because it's better for your business. :-)

web_wheeler

8:00 pm on Dec 28, 2007 (gmt 0)

If you don't want to have to deal with server side solutions, or don't have access to your web hosting server, then obfuscate the email address with JavaScript and include a bit map image with your email address in it. That way, users of your website can still get your email address with JavaScript disabled, but email gathering bots won't recognize it.

BarryStCyr

8:59 pm on Dec 28, 2007 (gmt 0)

I use a form for all my contacts. I use a form button on each page of my site so I can include a hidden value for the the page the Contact Us button was pressed. This helps to, but does not completely elimate the "Do these come in red?" questions.

The problem with this is HTML and JAVASCRIPT insertion. The processing script I wrote removes and/or reformats most offending content before mailing it to me.

I use the same thing for a TELL A FRIEND page that allows the user to send comments to a third party. I also have it sent to me. That way I can tell if my filter is catching everything that could cause problems.

So far I have had a few messages where people have tried to use it to send phishing or other problematic emails, but after they test it and find it deactivate their content, they go away.

Barry