473,898 Members | 2,061 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Anti-spam techniques for web pages?

JW
I'm putting together a bulletin board system for a community that allows folks
to put up for sale postings, notices, etc. These notices usually include the
posters' email addresses.

A similar posting service which I use is in place in another town and I do
occasionally get spam from my notices (not a lot, usually 419 spam.)

This is a free system and doesn't require a login, and I want to avoid/minimize
the possibility of spammers from harvesting these addresses while at the same
time maintaining the mailto: links.

Basic requirements are 1) easily automated when I create the posting pages
(MySQL->PHP->HTML) and 2) maintain user convenience (clickable links regardless
of browser, usable by sight impaired readers, ...)

But should I even bother? Is there anything that is even partially effective
against harvesting bots? Is there a tried and true obfuscation method that I can
use?

Thanks!
--
jwayne@_myrealb ox_no_spam.com
Jul 20 '05
25 4352
On Mon, 7 Jul 2003, Willondon wrote:
JW wrote:
... This is a free system and doesn't require a login, and I want to
avoid/minimize the possibility of spammers from harvesting these addresses
while at the same time maintaining the mailto: links. [...]
I've had a good deal of success using character encoding to obfuscate
email addresses. HTML allows "&#xxx;" as a substitute for a character
where 'xxx' is the appropriate number (usually the ASCII code).
...
Disadvantages (apart from 'mailto' inherent disadvantages):
(1) from autumn 2002, I've read reports that scumbots are now decoding
these addresses;
(2) even 6 years ago, it seemed that ultimately, it's harvestable, and I'm
very surprised that I've had as much success as I have; not guaranteed to
last forever.


Even if they weren't decoding these, it would be inevitable that some spammer
would write a robot that could. Obfuscation isn't a viable solution. When
spammers started using the method of "mixing and matching" usernames and
domains to create mailboxes they hadn't seen (and other dictionary and random
attacks), it didn't even matter that a mailbox appeared on a web page - it
could still be randomly hit.
A common approach is to not publish the address, but use CGI or other
server-side programming to take care of inputting the message and mailing
it; but you might consider this too much processing.


I certainly agree with this. Unfortunately, for sites hosted on machines not
owned by the web site owner, this isn't always an option.

The usual tricks of embedding other mailto's not visible to those using the
standard web browsers which contain spam-trap mailboxes and such can still be
employed.

I use the approach of making the mailbox address useless to the spammer, even
if he has it. If he cannot get his message through, then what good is it to
him? Blocking alone shouldn't be the only step, but in many cases, it is
satisfactory, especially if one lacks the time to investigate the spam back to
the spammer's true mailbox or web site (for those which advertise web sites)
and get those shut down.
Jul 20 '05 #11
On Tue, 8 Jul 2003, Klaus Johannes Rusch wrote:
Stan Brown wrote:
...
I _hate_ those forms. If I'm sending mail, I want to use my mailer.
It has things like spell checking and the copy-to-self feature. And
half the time I type a message into those forms and then nothing
happens when I click 'send'.


Everyone does, but the same is true for being spammed. One option might be to not
show the email address but let you retrieve the email address by having it sent to
your address, so you can then use your mailer to respond.


Interesting idea, but once spammers see this sort of thing, what's to stop THEM
from having your web server deliver your e-mail address to them?
Jul 20 '05 #12
Stan Brown wrote:
How many people do you think are willing to jump through such hoops?
If even 10% refuse (or can't figure out your scheme), that's 10% of
sales lost.


If 20% of the visitors don't post their ads because they are afraid of being spammed,
that's 20% of sales lost. No single technique will work for everyone.

--
Klaus Johannes Rusch
Kl********@atme dia.net
http://www.atmedia.net/KlausRusch/
Jul 20 '05 #13
"D. Stussy" wrote:
Interesting idea, but once spammers see this sort of thing, what's to stop THEM
from having your web server deliver your e-mail address to them?


Theoretically nothing. Practically unless you have a very attractive and huge set of
email addresses spambot writers will not bother writing custom code to gather email
addresses from your site, but instead will go for easier targets.

--
Klaus Johannes Rusch
Kl********@atme dia.net
http://www.atmedia.net/KlausRusch/
Jul 20 '05 #14
Dave Patton wrote:
I use a technique which uses JavaScript to assemble the email address
on the fly. Users with JavaScript disabled get a warning.


A slightly better approach(in my opinion) is what we do on our
'Contact Us' page:
http://www.confluence.org/contact.php
With javascript enabled, you'll get mailto links, but the
email addresses aren't in a readable format in the source.
If javascript is disabled, you'll see the email addresses,
as images(no good for 'cut & paste", but at least they are available).


I use js to write the mailto: link. In the noscript element, I put my
email address in as English words, i.e.,
username (at) example.com

Like other solutions, not perfect. Perhaps useless. But I want to do
*something*. My solutions to junk postal mail and telemarketing calls
are better, but spam, well, I just don't know what to do. I tried the
react thing: read the headers, find the real source, contact the host.
But at 5 minutes or more for *each* spam, it's too much time. Not
with the number of spams I receive.

--
Brian
follow the directions in my address to email me

Jul 20 '05 #15
In article <GjYOa.19674$ye 4.16889@sccrnsc 01>, br***@wfcr.org. invalid-remove-
this-part says...
Dave Patton wrote:
I use a technique which uses JavaScript to assemble the email address
on the fly. Users with JavaScript disabled get a warning.


A slightly better approach(in my opinion) is what we do on our
'Contact Us' page:
http://www.confluence.org/contact.php
With javascript enabled, you'll get mailto links, but the
email addresses aren't in a readable format in the source.
If javascript is disabled, you'll see the email addresses,
as images(no good for 'cut & paste", but at least they are available).


I use js to write the mailto: link. In the noscript element, I put my
email address in as English words, i.e.,
username (at) example.com

Like other solutions, not perfect. Perhaps useless. But I want to do
*something*. My solutions to junk postal mail and telemarketing calls
are better, but spam, well, I just don't know what to do. I tried the
react thing: read the headers, find the real source, contact the host.
But at 5 minutes or more for *each* spam, it's too much time. Not
with the number of spams I receive.

Download RedSquirrel's SecurEmailL script. Works very nicely on PHP hosts.
http://rsscripts.tripod.com/scripts/securemaill.htm
Jul 20 '05 #16
On Wed, 9 Jul 2003, Klaus Johannes Rusch wrote:
"D. Stussy" wrote:
Interesting idea, but once spammers see this sort of thing, what's to stop THEM
from having your web server deliver your e-mail address to them?


Theoretically nothing. Practically unless you have a very attractive and huge set of
email addresses spambot writers will not bother writing custom code to gather email
addresses from your site, but instead will go for easier targets.


An assumption about their behavior? As time goes on, even spammers will have
computers with more processing power, so with that added ability, why shouldn't
they? I bet that the next spam innovation will be the javascript-interpreting
spambot, so the only thing that I see in the way of this is simply "higher
harvesting priorities" and that they will eventually get to this (maybe a few
years from now; maybe months, but they will get there).

Such a target will be an "attractive target" to them because of the method
employed, the spammers will KNOW that the mailbox is a valid one.
Jul 20 '05 #17
Mr. Clean wrote:
I use js to write the mailto: link. In the noscript element, I
put my email address in as English words, i.e., username (at)
example.com


Download RedSquirrel's SecurEmailL script. Works very nicely on PHP
hosts. http://rsscripts.tripod.com/scripts/securemaill.htm


I already have a contact form. But some users prefer email, since
their email clients allow them to keep a copy for themselves, or cc:
it to someone else. Thus, I have a form and an email link.

--
Brian
follow the directions in my address to email me

Jul 20 '05 #18
Mr. Clean wrote:
I use js to write the mailto: link. In the noscript element, I
put my email address in as English words, i.e., username (at)
example.com


Download RedSquirrel's SecurEmailL script. Works very nicely on PHP
hosts. http://rsscripts.tripod.com/scripts/securemaill.htm


I already have a contact form. But some users prefer email, since
their email clients allow them to keep a copy for themselves, or cc:
it to someone else. Thus, I have a form and an email link.

--
Brian
follow the directions in my address to email me

Jul 20 '05 #19
In article <3RlRa.80008$Ph 3.8779@sccrnsc0 4>, br***@wfcr.org. invalid-remove-
this-part says...
Mr. Clean wrote:
I use js to write the mailto: link. In the noscript element, I
put my email address in as English words, i.e., username (at)
example.com


Download RedSquirrel's SecurEmailL script. Works very nicely on PHP
hosts. http://rsscripts.tripod.com/scripts/securemaill.htm


I already have a contact form. But some users prefer email, since
their email clients allow them to keep a copy for themselves, or cc:
it to someone else. Thus, I have a form and an email link.

You can change that to your own design. It was very easy for me.
Jul 20 '05 #20

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

8
8188
by: jcnews | last post by:
I am using Windows XP and am learning how to program in Java. Is there any way to get my fonts to be anti-aliased in both editors and in my programs? The non anti-aliased fonts don't look very good and are a little harder on my eyes. Thanks.
0
2258
by: Jason | last post by:
Hi guys, I am having problems with VML. I had been working on a problem for sometime now, and I just recently discovered what the problem really was: VML was anti-aliasing my rectangles, but I didn't want it too. So I added the following attribute to my rectangles which solved the problem somewhat: antialias: false; On my monitor, the rectangles are drawn properly now, without anti-aliasing. However, when I print it to a printer, the
7
9548
by: Maxim Shemanarev | last post by:
I'd like to announce my project called Anti-Grain Geometry. http://www.antigrain.com Anti-Grain Geometry (AGG) is an Open Source, free of charge graphic library, written in industrially standard C++. The terms and conditions of use are very simple and described on the License page. AGG doesn't depend on any graphic API or technology. Basically, you can think of AGG as of a rendering engine that produces pixel images in memory from
3
4290
by: Michel | last post by:
Is there a way I can anti-aliasing a gif to be able to get a hi-quality resizeable backgroundpicture. When a GIF of JPG is being resized by the browser you get wurse pictures because it needs a anti-aliasing. Maybe there is some filter for it... Or can I write my own subroutine to do this in client-browsers?
6
14863
by: bissatch | last post by:
Hi, I want to display text on screen with anti aliasing to make it appear smoother. Is it possible to do this in browsers by perhaps applying a style to it or is it entirely up the the browser? Cheers Burnsy
22
10793
by: Martin Eyles | last post by:
Hi, I have some text on a page in a small font. The font size has been OK in other applications, but in a web browser, the legebility suffers due to the anti-aliasing. Is there a way to turn off anti-aliasing for small text from the css, or is there something else I can do to make small text more legible? (Note, the text really does have to be small, as that is what is required for the web-application. It is a system for use on screens...
0
1631
by: Mark Rae | last post by:
Hi, Just a general question, really... Is anyone here using any of Microsoft's latest anti-virus / anti-spyware software? http://www.microsoft.com/athome/security/spyware/software/about/productcomparisons.mspx After the fun and games with WinXP SP2, I'm interested to know if anyone has had any problems with VS.NET 2005 in general, and ASP.NET 2 in particular...
2
4672
by: adam.timberlake | last post by:
I was following an article on a website earlier, and although it outputted the pie chart for me perfectly, I want to make it anti- aliased somehow. I have linked to the specific article below just in case you wish to replicate for testing the anti-aliasing. I found the GD function, imageantialias() but I've tried setting it to true at the top of the code just after the imagecreate() function - but to no avail. Article:...
11
5680
by: blickensdoerfer | last post by:
i have a problem using ImageTTFText: I want a Text in Arial , 8pt, without Anti-Aliasing . The result is very ugly, how can i get it proper like it would be displayed in the browser window or photoshop? i tried a lot of things and searched, but did not find a solution to this...help is very much appreciated! thank you
6
5598
by: Roderik | last post by:
Hi, On my website I implemented tooltip alike layers when you hover the category items in the sidebar on the right. See: http://www.roderik.net/ The layers that become visible have a opacity value of .8 and contain a background image. The effect is as expexted. However, the anti-aliasing is very poor in both Internet Explorer 7 and
0
9993
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
9842
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
10859
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
0
9662
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
0
7191
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
6078
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
4708
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
2
4297
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
3308
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.