By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,244 Members | 1,368 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,244 IT Pros & Developers. It's quick & easy.

maito links and javascript OT?

P: n/a
It's occured to me that most SPAM bots are looking for mailto links
(that's assuming they didn't harvest from usenet!).

So:

<script type="text/javascript">
document.write('<a href="mailto: some_email_address">some_address</a>');
</script>

<noscript>
email_address (not in a mailto link)
</noscript>

Comments?

Jeff
Jul 20 '05 #1
Share this Question
Share on Google+
13 Replies


P: n/a

"Jeff Thies" <no****@nospam.net> wrote in message
news:a4*****************@newsread3.news.atl.earthl ink.net...
It's occured to me that most SPAM bots are looking for mailto links
(that's assuming they didn't harvest from usenet!).

So:

<script type="text/javascript">
document.write('<a href="mailto: some_email_address">some_address</a>');
</script>

<noscript>
email_address (not in a mailto link)
</noscript>

well I don't mean to sound stupid, but wouldn't that just produce a <a> link
in HTML?

If I did that in PHP then it would produce a HTML page that still says <a
href="..."></a>, except it's in a javascript tag?

I jsut did it in dream weaver to check, and yes, the result is:
<html>
<head>
<title>Untitled Document</title>
</head>

<body>
<script type="text/javascript">
document.write('<a href="mailto: someaddress">some_address</a>');
</script>

<noscript>
email_address (not in a mailto link)
</noscript>
</body>
</html>

any decent spambot would pick that up.
Jul 20 '05 #2

P: n/a
Jeff Thies wrote in message ...
It's occured to me that most SPAM bots are looking for mailto links
(that's assuming they didn't harvest from usenet!).


I use the facility at ...
http://www.mways.co.uk/prog/hidemail.php

It can produce the required information in Javascript or HTML.

My clients have never been bothered by spam since using it, so it *appears*
to work.
Jul 20 '05 #3

P: n/a
Jeff Thies wrote:
It's occured to me that most SPAM bots are looking for mailto links
Generally they look for @-signs, although perhaps mailto: links too.
<script type="text/javascript">
document.write('<a href="mailto: some_email_address">some_address</a>');
</script>


Better:

<script type="text/javascript">
document.write('<a href="mailto:me');
document.write('@mydomain.com<');
document.write('/a>');
</script>

But why not just:

<a href="mailto:me%40mydomain%2Ecom">me&#x40;mydomain &#x2E;com</a>

Easier and works without Javascript.

--
Toby A Inkster BSc (Hons) ARCS
Contact Me - http://www.goddamn.co.uk/tobyink/?page=132

Jul 20 '05 #4

P: n/a
in post: <news:a4*****************@newsread3.news.atl.earth link.net>
"Jeff Thies" <no****@nospam.net> said:
It's occured to me that most SPAM bots are looking for mailto links


if you only accept plain text email spam is rare. if you block email
sent using lookout express its /very/ rare.
--
brucie - i usenet nude
Jul 20 '05 #5

P: n/a
> > It's occured to me that most SPAM bots are looking for mailto links

if you only accept plain text email spam is rare.
I'm getting a growing number of plain text spams. These are usually a short
message followed by random words

It's the only SPAM I get currently, but I'm using SPAM assasin and a custom
program I wrote that deletes executables.

Most people can't do that.

if you block email
sent using lookout express its /very/ rare.
Not familiar, I'll look into that.

Cheers,
Jeff


--
brucie - i usenet nude

Jul 20 '05 #6

P: n/a
> > It's occured to me that most SPAM bots are looking for mailto links

Generally they look for @-signs, although perhaps mailto: links too.
Ah...
<script type="text/javascript">
document.write('<a href="mailto: some_email_address">some_address</a>');
</script>
Better:

<script type="text/javascript">
document.write('<a href="mailto:me');
document.write('@mydomain.com<');
document.write('/a>');
</script>


Actually had thought of putting it in an external js file.

But why not just:

<a href="mailto:me%40mydomain%2Ecom">me&#x40;mydomain &#x2E;com</a>
I didn't know that still worked. Sounds like the right way.

Cheers,
Jeff

Easier and works without Javascript.

--
Toby A Inkster BSc (Hons) ARCS
Contact Me - http://www.goddamn.co.uk/tobyink/?page=132

Jul 20 '05 #7

P: n/a
> > It's occured to me that most SPAM bots are looking for mailto links
(that's assuming they didn't harvest from usenet!).
I use the facility at ...
http://www.mways.co.uk/prog/hidemail.php

It can produce the required information in Javascript or HTML.

My clients have never been bothered by spam since using it, so it

*appears* to work.
Interesting. Looks like we have a winner!

Cheers,
Jeff

Jul 20 '05 #8

P: n/a
brucie wrote:
if you only accept plain text email spam is rare.


Right, but emails from my mother will be even rarer. (That's probably a
bonus, though.)

Jul 20 '05 #9

P: n/a
It seems "Jeff Thies" wrote in comp.infosystems.www.authoring.html:
It's occured to me that most SPAM bots are looking for mailto links
(that's assuming they didn't harvest from usenet!).

document.write('<a href="mailto: some_email_address">some_address</a>');


Aside from the fact that a bot looking for "mailto:" is going to
find the above just as well, you are excluding the millions of
people who don't use JS.

Is it just me, or didn't we go through all this not too long ago?

--
Stan Brown, Oak Road Systems, Cortland County, New York, USA
http://OakRoadSystems.com/
HTML 4.01 spec: http://www.w3.org/TR/html401/
validator: http://validator.w3.org/
CSS 2 spec: http://www.w3.org/TR/REC-CSS2/
2.1 changes: http://www.w3.org/TR/CSS21/changes.html
validator: http://jigsaw.w3.org/css-validator/
Jul 20 '05 #10

P: n/a
CJM
"Stan Brown" <th************@fastmail.fm> wrote in message
news:MP************************@news.odyssey.net.. .
Aside from the fact that a bot looking for "mailto:" is going to
find the above just as well, you are excluding the millions of
people who don't use JS.
Yes, that's right.

Using character codes is accessible, and will stop many crawlers but not
all.

IMHO the JS solution is just an abomination.

Is it just me, or didn't we go through all this not too long ago?


Yes we did. Deja Vu.

So I might as well give my contribution:

Option 1:
AFAIK, crawlers can't follow POSTed forms, so you can create a form
with a button which POSTs to an ASP page. The ASP page says
something to the effect of:
'If page was POSTed, show emails'
ie.
If Request.Form("btnShowEmail")="Show Email" Then
Response.Write (My*****@MyDomain.com)
End If
I assume something similar could be done in PHP and other platforms.

Option 2:
Use a graphics package to create a graphic showing the email
address. Obviously, this means that the user must type the
address into their email client manually.

Option 3:
Dont give out the email address. Use a form and some server-side
to post an email using your preferred email component.

Just my 0.02.

Chris
Jul 20 '05 #11

P: n/a
It seems "CJM" wrote in comp.infosystems.www.authoring.html:
Option 2:
Use a graphics package to create a graphic showing the email
address. Obviously, this means that the user must type the
address into their email client manually.


And it screws people who are blind or visually impaired.

--
Stan Brown, Oak Road Systems, Cortland County, New York, USA
http://OakRoadSystems.com/
HTML 4.01 spec: http://www.w3.org/TR/html401/
validator: http://validator.w3.org/
CSS 2 spec: http://www.w3.org/TR/REC-CSS2/
2.1 changes: http://www.w3.org/TR/CSS21/changes.html
validator: http://jigsaw.w3.org/css-validator/
Jul 20 '05 #12

P: n/a
It seems "CJM" wrote in comp.infosystems.www.authoring.html:
Option 3:
Dont give out the email address. Use a form and some server-side
to post an email using your preferred email component.


The US Postal Service reached a new low in this technique. I typed
in my e-mail address (comment forms never tell you theirs, but
insist on knowing yours) and my comment. When I clicked "Submit" I
got a lengthy -- about a dozen fields -- form for "logging in" to
send my comment.

To the bloody Postal Service!

--
Stan Brown, Oak Road Systems, Cortland County, New York, USA
http://OakRoadSystems.com/
HTML 4.01 spec: http://www.w3.org/TR/html401/
validator: http://validator.w3.org/
CSS 2 spec: http://www.w3.org/TR/REC-CSS2/
2.1 changes: http://www.w3.org/TR/CSS21/changes.html
validator: http://jigsaw.w3.org/css-validator/
Jul 20 '05 #13

P: n/a
On Thu, 22 Jan 2004 10:47:49 -0500, Stan Brown
<th************@fastmail.fm> wrote:
It seems "CJM" wrote in comp.infosystems.www.authoring.html:
Option 3:
Dont give out the email address. Use a form and some server-side
to post an email using your preferred email component.


The US Postal Service reached a new low in this technique. I typed
in my e-mail address (comment forms never tell you theirs, but
insist on knowing yours) and my comment. When I clicked "Submit" I
got a lengthy -- about a dozen fields -- form for "logging in" to
send my comment.

To the bloody Postal Service!


Should've just mailed them ;)
Jul 20 '05 #14

This discussion thread is closed

Replies have been disabled for this discussion.