Page 1 of 3 123 LastLast
Results 1 to 15 of 37
  1. #1
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Email address cloaking on websites

    Question: is it <UL><LI>essential <LI> a good idea <LI> a waste of time[/list]to cloak or otherwise obfuscate email addresses held on web pages or in Word or PDF documents on a website, to try to eliminate or reduce the harvesting of email addresses by spammers?

    If email address cloaking is worth doing, then what techniques do people use? I have found a website which lists a number of possible programs to do this, the first one, HTML Email Cloaker, appearing worth a look. (It doesn't deal with email addresses in documents, though, as far as I can see...).

    But I'm open to all suggestions, please!

    Thanks

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  2. #2
    Plutonium Lounger Leif's Avatar
    Join Date
    Dec 2000
    Location
    U.K.
    Posts
    14,010
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Email address cloaking on websites

    Unless someone can prove that it is a waste of time, I consider it essential.

    I use the free facility at Email Address Encoder as suggested by Mark way back in <post:=248,953>post 248,953</post:>.

  3. #3
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Email address cloaking on websites

    Thanks, Leif

    But could my recently-found one be better, because the simple version also cloaks the "mailto:" text and the more complicated Javascript version
    QUOTE
    [...] combines four good cloaking methods. 1) encoding 2) mailto-hiding 3) JavaScript generation and 4) email part-splitting. I seriously doubt that any spam-spider will be able to circumvent this level of cloaking!
    UNQUOTE

    Do you use any method for obfuscating clickable email addresses in documents (other than perhaps making them non-clickable by changing the text to a transparent graphic)?

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  4. #4
    Plutonium Lounger Leif's Avatar
    Join Date
    Dec 2000
    Location
    U.K.
    Posts
    14,010
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Email address cloaking on websites

    My take on it:

    If the 'robot' can detect the text <code>"mailto"</code> and then decipher the following email address, it is just as likely (if not more so) to be able to detect the coded "mailto" as it would be a standard and repeatable sequence of characters.

    JavaScript requires the viewer (end-user) to have JavaScript enabled.

    I don't use any method of "obfuscating" clickable email addresses in documents, as it is not applicable in my circumstances. If a robot will go to the extent of downloading documents and examining them, I would expect a bit of character coding after multiple "&#" is not going to be much of a barrier.

    For what it is worth, another method I have used is:
    <code> <SCRIPT LANGUAGE="JavaScript">
    user = "name";
    site = "company.com";
    document.write('<a href="mailto:' + user + '@' + site + '">');
    document.write("e-mail");
    </SCRIPT></code>
    but again that requires script enabling.

  5. #5
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Email address cloaking on websites

    Yes, I agree with what you say - if someone virtuous can write code then someone naughty can decode it, however complicated. Pity that text always has to be placed sequentially from left to right, rather than being able to fill in the characters in random order!

    Is it not now pretty well a requirement for browsing the web to have Javascript enabled?

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  6. #6
    5 Star Lounger
    Join Date
    Apr 2003
    Location
    Hampshire, United Kingdom
    Posts
    602
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Email address cloaking on websites

    <hr>Is it not now pretty well a requirement for browsing the web to have Javascript enabled?<hr>
    Browsing, yes; botting, no. Many bots don't read javascript (the Googlebot being perhaps the most obvious example) and many email address "encryption" methods rely on bots' inability to read client-side scripts. It's only a matter of time before the bots get cleverer.

    My attitude is that prevention is better than cure. Wherever possible, my advice is not to put email addresses on the web, unless they're in password-protected areas that the bots can't reach. If you want your users to be able to contact you, a form is usually more secure (although these are also susceptible to spam and so precautions still need to be taken - usually the familiar "type in the letters/numbers shown in the image" method).
    Waggers
    If at first you do succeed, you&#39;ve probably missed something.

  7. #7
    Platinum Lounger
    Join Date
    Feb 2002
    Location
    A Magic Forest in Deepest, Darkest Kent
    Posts
    5,681
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Email address cloaking on websites

    I'll chuck in my <img src=/S/2cents.gif border=0 alt=2cents width=15 height=15> worth. I received the first bit of spam to my site only just week so not bad for a few months of being live. Waggers cam e up with a good suggestion and I have seen some quite complicated ways of doing this and the other day I saw a very very simple one. The lady who owned the site just put a phrase "What is 2 + 2 equal to" above a text box and a submit button and the javascript authenticated the response and the email was generated.

    As your site is a professional organisation don't go for the clumsy method of putting webmasterDUMMY@thesite.co.uk and then the words remove DUMMY from the email!!!!! or words to that effect

    I have seen users write contact webmaster AT thesite.co.uk in words or even simpler set up a POP3 box on your site that is site specific and get sent to your anti-spam software for filtering.
    Jerry

  8. #8
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Email address cloaking on websites

    The most impressive email address cloaker for websites I've come across is The Enkoder Form, which generates a very complicated javascript function.

    For example
    Woody@Wopr.com
    with link text Woody
    and title Woody's email address
    comes out as:
    <pre><script type="text/javascript">
    /* <![CDATA[ */
    function hivelogic_enkoder(){var kode=
    "kode="nrgh@%qujkC(txmnF+xtnme+F{wqp.Ip{o001yqz000 :_333~u000q.hm4tHq"+
    "e,I~hrh.mhxy{uc000{Fb7=={cp|L:{{~hoyhh,u.x000I000 hqh.{hpc,{yb7==uq,m"+
    "px~m177phq177hhJ{.pcH{mb7==h;J.5GG.I_33433rG~{u4< IuG4H{wqpx:zq000s9t"+
    "5=uGI75>_334b667I7{wqpo:mtM~40007u5=w7p{:qto~m000 Mu4ee599w9p{Iq7_334u4"+
    "wHp{:qqxszt000wKp{:qto~m000Mw4p{:qqxszt000=9F533G 5De+F00100oD{xr19"+
    "FrDtEmx7nnupwq}rD44_3342Flxtnml7jqL{mxJn1}2r<6rD1 oEl294l:FA;001DF4}r"+
    "{pwo7x{LvjqL{mx1n2ltb666mxFn001+D001F00Dox{1rF9Dr E1txmn7unwp}q6:2Dr4F;"+
    "2_3340014Ftxmn7lqj{J}1r4:24txmn7lqj{J}1r2b666txmn F00141rEtxmn7unwp}qHt"+
    "xmn7lqj{J}1txmn7unwp}q6:2C002D(A~C--Alux.oC6AoBqujk4rktmznAo11/001iCqujk"+
    "4ingxIujkGz.o/39Aol.iB6/i1C78>A~1CYzxotm4lxusIngxIujk.i/_333qujkC~%>{@**>i"+
    "ru+l@3>l?nrgh1ohqjwk>l..,~f@nrgh1fkduFrghDw+l,06> li+f?3,f.@45;>{.@Vwulqj1i"+
    "urpFkduFrgh+f,000nrgh@{";x='';for(i=0;i<kode.leng th;i++){c=kode.charCod"+
    "eAt(i)-3;if(c<0)c+=128;x+=String.fromCharCodeİ}kode=x"
    ;var i,c,x;while(eval(kode));}hivelogic_enkoder();
    /* ]]> */
    </script></pre>

    I don't think we're going to put someone AT domain DOT co DOT uk on our website!

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  9. #9
    Platinum Lounger
    Join Date
    Feb 2002
    Location
    A Magic Forest in Deepest, Darkest Kent
    Posts
    5,681
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Email address cloaking on websites

    Thank you very much John

    I shall test this on a second level page on my website. I will create a dummy email account on my site and see what happens
    Jerry

  10. #10
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,568
    Thanks
    5
    Thanked 1,056 Times in 925 Posts

    Re: Email address cloaking on websites

    John,

    The person responsible for our web site has used Web eMail Cloaking Utility for a couple years. She seems satisifed with it.

    Joe
    Joe

  11. #11
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Email address cloaking on websites

    Joe

    That one seems quite neat, including maintaining a database of pre-set-up addresses that you can just hoik out when you need them! I'm not sure whether the generated javascript is too simple, though...

    Thanks!

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  12. #12
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Email address cloaking on websites

    Just as a datapoint, I contacted three companies yesterday. Two had very nice web submission forms, and the third had only an email link. I sent them all the same question. So far, the only reply was from the company that had the email link. <img src=/S/grin.gif border=0 alt=grin width=15 height=15>

  13. #13
    Gold Lounger Rebel's Avatar
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    3,024
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Email address cloaking on websites

    John,
    Started using the Enkoder Form recently and I'm hoping for a decrease in spam, although this probably won't be evident for several months (if at all). On a few of the sites I maintain, I have links to PDF documents (created with Cute PDF Printer). Within these documents are clickable email links.

    Can bots harvest these addresses or are they protected?
    John
    A Child's Mind, Once Stretched by Imagination...
    Never Regains Its Original Dimensions

  14. #14
    Platinum Lounger
    Join Date
    Feb 2002
    Location
    A Magic Forest in Deepest, Darkest Kent
    Posts
    5,681
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Email address cloaking on websites

    John

    Simple answer is yes, web bots and spiders can extract email addresses from PDF, word, excel, plain text, html and much more. They do have difficulty extracting if it is coded in javascript.
    Jerry

  15. #15
    Gold Lounger Rebel's Avatar
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    3,024
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Email address cloaking on websites

    Darn.That's not the answer I was looking for. <img src=/S/bummer.gif border=0 alt=bummer width=15 height=15>
    And I suppose that there is no way to encode these addresses within a PDF document?
    John
    A Child's Mind, Once Stretched by Imagination...
    Never Regains Its Original Dimensions

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •