473,898 Members | 3,177 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Anti-spam techniques for web pages?

JW
I'm putting together a bulletin board system for a community that allows folks
to put up for sale postings, notices, etc. These notices usually include the
posters' email addresses.

A similar posting service which I use is in place in another town and I do
occasionally get spam from my notices (not a lot, usually 419 spam.)

This is a free system and doesn't require a login, and I want to avoid/minimize
the possibility of spammers from harvesting these addresses while at the same
time maintaining the mailto: links.

Basic requirements are 1) easily automated when I create the posting pages
(MySQL->PHP->HTML) and 2) maintain user convenience (clickable links regardless
of browser, usable by sight impaired readers, ...)

But should I even bother? Is there anything that is even partially effective
against harvesting bots? Is there a tried and true obfuscation method that I can
use?

Thanks!
--
jwayne@_myrealb ox_no_spam.com
Jul 20 '05
25 4352
In article <3RlRa.80008$Ph 3.8779@sccrnsc0 4>, br***@wfcr.org. invalid-
remove-this-part says...
Mr. Clean wrote:
I use js to write the mailto: link. In the noscript element, I
put my email address in as English words, i.e., username (at)
example.com


Download RedSquirrel's SecurEmailL script. Works very nicely on PHP
hosts. http://rsscripts.tripod.com/scripts/securemaill.htm


I already have a contact form. But some users prefer email, since
their email clients allow them to keep a copy for themselves, or cc:
it to someone else. Thus, I have a form and an email link.

I have a contact form which allows the sender to send a copy to him\her
self - problem solved.

--
*************** *************** ********
The Eldritch Dark:
Dedicated to Clark Ashton Smith
http://www.eldritchdark.com/
Jul 20 '05 #21
On Fri, 18 Jul 2003, Lauri Raittila wrote:
In article <MP************ ************@ne ws.slingshot.co .nz>, Boyd
Pearson wrote:
I have a contact form which allows the sender to send a copy to him\her
self - problem solved.


And when someone notices and uses it for spamming?


Then they get locked out. There's not much of a point since often such forms
have a destination address that the client user (or spammer) cannot change -
so: 1) He doesn't even know where it's going, 2) It will usually only go
to a single person; not a "productive " activity for a spammer to cater to, and
3) The field names often differ from one site to another, thus requiring the
"personal attention" of the spammer to customize their feeding of the form.
Spammers don't really have that kind of time - they have to hit many in as
little time as possible before their ISP kills their account.

In my form (a PHP script), I actually check to see that the return address
given is e-mailable by (here's what I will disclose; perhaps not complete):
- Making certain that the part before "@" is not null
- That there is a SINGLE "@"
- That the domain/hostname which follows "@" is deliverable by:
- Having a valid "A" or "AAAA" or "A6" IP address, or by
- Having a valid MX record (which can have its addresses tested
as well - for the really paranoid).
If it's a CNAME, then I test the canonical name for these DNS records.

Of course, there may be other things to check, such as: "Are all characters in
the mailbox name valid per RFC-2821 and -2822 for mailboxes?"

There are some issues with using the PHP library to do the DNS lookups: Most
functions will only return ONE value, even if multiple records of a given type
exist. That's not a problem for the address-type records, but it may be an
issue for the MX record(s) if one then subsequently tests them for addresses.
For the sufficiently skilled, there may be a way, especially if the DNS serves
records "round-robin" to acquire the entire RR-set for a given DNS query type,
but that may be overkill....

I also spamtrap the "/cgi-bin/formmail.cgi" and ".pl" URIs. There are just too
many "kiddie scripts" out there that look for those.
Jul 20 '05 #22
Mr. Clean wrote:
I use js to write the mailto: link. In the noscript element, I
put my email address in as English words, i.e., username (at)
example.com


Download RedSquirrel's SecurEmailL script. Works very nicely on PHP
hosts. http://rsscripts.tripod.com/scripts/securemaill.htm


I already have a contact form. But some users prefer email, since
their email clients allow them to keep a copy for themselves, or cc:
it to someone else. Thus, I have a form and an email link.

--
Brian
follow the directions in my address to email me

Jul 20 '05 #23
In article <Pi************ *************** ****@kd6lvw.amp r.org>, D. Stussy
wrote:
On Fri, 18 Jul 2003, Lauri Raittila wrote:
In article <MP************ ************@ne ws.slingshot.co .nz>, Boyd
Pearson wrote:
I have a contact form which allows the sender to send a copy to him\her ^^^^^^^ self - problem solved.
^^^^ And when someone notices and uses it for spamming?


Then they get locked out. There's not much of a point since often such forms
have a destination address that the client user (or spammer) cannot change -
so: 1) He doesn't even know where it's going,


But this case there was possibility for CC, and you can't send CC to self
by form whitout it knowing your address. That was what made me wonder. I
don't know if he has security problem there, but there might.
--
Lauri Raittila <http://www.iki.fi/lr> <http://www.iki.fi/zwak/fonts>
Saapi lähettää meiliä, jos aihe ei liity ryhmään, tai on yksityinen
tjsp., mutta älä lähetä samaa viestiä meilitse ja ryhmään.

Jul 20 '05 #24
Mr. Clean wrote:
I use js to write the mailto: link. In the noscript element, I
put my email address in as English words, i.e., username (at)
example.c om

Download RedSquirrel's SecurEmailL script. Works very nicely on PHP
hosts. http://rsscripts.tripod.com/scripts/securemaill.htm


I already have a contact form. But some users prefer email, since
their email clients allow them to keep a copy for themselves, or cc:
it to someone else. Thus, I have a form and an email link.


You can change that to your own design. It was very easy for me.


I am not being clear, I guess. Or I have misunderstood. Either way,
my apologies.

Just to be clear: I already have a contact form. I can change it any
way I want: add or remove fields at will.

I provode a contact form *and* an email address, because some users
prefer (or need) one, and some prefer another. Since I provide an
email address, I try to do something to slow down the spambot.

--
Brian
follow the directions in my address to email me

Jul 20 '05 #25
On Fri, 18 Jul 2003, Lauri Raittila wrote:
In article <Pi************ *************** ****@kd6lvw.amp r.org>, D. Stussy wrote:
On Fri, 18 Jul 2003, Lauri Raittila wrote:
In article <MP************ ************@ne ws.slingshot.co .nz>, Boyd
Pearson wrote:

> I have a contact form which allows the sender to send a copy to him\her ^^^^^^^ > self - problem solved. ^^^^ And when someone notices and uses it for spamming?


Then they get locked out. There's not much of a point since often such forms
have a destination address that the client user (or spammer) cannot change -
so: 1) He doesn't even know where it's going,


But this case there was possibility for CC, and you can't send CC to self
by form whitout it knowing your address. That was what made me wonder. I
don't know if he has security problem there, but there might.


Then that form and its CGI are poorly designed. A design that would overcome
this would effectively submit both addresses as BCC'ed (or at least the
user/owner of the page who is to be hidden).
Jul 20 '05 #26

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

8
8188
by: jcnews | last post by:
I am using Windows XP and am learning how to program in Java. Is there any way to get my fonts to be anti-aliased in both editors and in my programs? The non anti-aliased fonts don't look very good and are a little harder on my eyes. Thanks.
0
2258
by: Jason | last post by:
Hi guys, I am having problems with VML. I had been working on a problem for sometime now, and I just recently discovered what the problem really was: VML was anti-aliasing my rectangles, but I didn't want it too. So I added the following attribute to my rectangles which solved the problem somewhat: antialias: false; On my monitor, the rectangles are drawn properly now, without anti-aliasing. However, when I print it to a printer, the
7
9548
by: Maxim Shemanarev | last post by:
I'd like to announce my project called Anti-Grain Geometry. http://www.antigrain.com Anti-Grain Geometry (AGG) is an Open Source, free of charge graphic library, written in industrially standard C++. The terms and conditions of use are very simple and described on the License page. AGG doesn't depend on any graphic API or technology. Basically, you can think of AGG as of a rendering engine that produces pixel images in memory from
3
4290
by: Michel | last post by:
Is there a way I can anti-aliasing a gif to be able to get a hi-quality resizeable backgroundpicture. When a GIF of JPG is being resized by the browser you get wurse pictures because it needs a anti-aliasing. Maybe there is some filter for it... Or can I write my own subroutine to do this in client-browsers?
6
14863
by: bissatch | last post by:
Hi, I want to display text on screen with anti aliasing to make it appear smoother. Is it possible to do this in browsers by perhaps applying a style to it or is it entirely up the the browser? Cheers Burnsy
22
10793
by: Martin Eyles | last post by:
Hi, I have some text on a page in a small font. The font size has been OK in other applications, but in a web browser, the legebility suffers due to the anti-aliasing. Is there a way to turn off anti-aliasing for small text from the css, or is there something else I can do to make small text more legible? (Note, the text really does have to be small, as that is what is required for the web-application. It is a system for use on screens...
0
1631
by: Mark Rae | last post by:
Hi, Just a general question, really... Is anyone here using any of Microsoft's latest anti-virus / anti-spyware software? http://www.microsoft.com/athome/security/spyware/software/about/productcomparisons.mspx After the fun and games with WinXP SP2, I'm interested to know if anyone has had any problems with VS.NET 2005 in general, and ASP.NET 2 in particular...
2
4672
by: adam.timberlake | last post by:
I was following an article on a website earlier, and although it outputted the pie chart for me perfectly, I want to make it anti- aliased somehow. I have linked to the specific article below just in case you wish to replicate for testing the anti-aliasing. I found the GD function, imageantialias() but I've tried setting it to true at the top of the code just after the imagecreate() function - but to no avail. Article:...
11
5680
by: blickensdoerfer | last post by:
i have a problem using ImageTTFText: I want a Text in Arial , 8pt, without Anti-Aliasing . The result is very ugly, how can i get it proper like it would be displayed in the browser window or photoshop? i tried a lot of things and searched, but did not find a solution to this...help is very much appreciated! thank you
6
5598
by: Roderik | last post by:
Hi, On my website I implemented tooltip alike layers when you hover the category items in the sidebar on the right. See: http://www.roderik.net/ The layers that become visible have a opacity value of .8 and contain a background image. The effect is as expexted. However, the anti-aliasing is very poor in both Internet Explorer 7 and
0
9842
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
11265
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
10487
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
9662
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
0
7191
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
5882
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
1
4708
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
2
4297
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
3308
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.