1 Can it be done with PHP?

Could spam blocking be done with using PHP vairbales and then reasembling the e-mail address when the page is put into a browser?

posted at 05:08 am on May 24, 2002 by Phill

2 isn't this easier?

Hmmm…do these forums encode user e-mail addresses when they’re input?

I do the following on my site:

mailto:aliotsy@theKILLSPAMthousand.net?subject=remove KILLSPAM from address

does anyone know if this is effective?

posted at 05:38 am on May 24, 2002 by aliotsy

3 no perfect way

I don’t think there is really a way to block email harvesting and make it easy for the end user to click a mailto. I have seen ways using test gifs and code linking, but if a browser can render the “coded” address properly a havester can be made to do the same thing. The best way to combat spam is at the email server level. Either your company, ISP, or your own home email box. By using such things as Spam Assassin, procmail filters, or other products.

posted at 05:53 am on May 24, 2002 by Randy

4 re: isn't this easier?

Only if the end user understands that they need to edit your email address. If your site is known to be visited by web-savy people then probably. But on a site visited by people that are amazed that a simple click can open their email client with a message ready-to-go. It may not work.
Probably one of the best ways to allow end-users to contact you is a form similar to the contact form at zeldman.com. Bypassing the users email client altogether. Wait I just viewed-source and his email address is in the code, nevermind. Ok see example to contact the Web Master at www.mwenergy.com.

posted at 06:06 am on May 24, 2002 by Randy

5 I've Been Using an Encoder since 1999

Good article! I’ve been using an encoder I found in a March 29, 1999 Dear Dr. Website column from Internet World. The site I used (and which is still in existance) can be found at: http://www.siteup.com/encoder.html

I ran my site through the validator and no “defective” email addresses showed up! I didn’t start getting spam at my address until I used my address to register for the SXSW festival (silly me: I was looking outward, never thinking I’d be skunked from the inside! -grin). I will say, it seems to have subsided in the last month or so.

posted at 06:27 am on May 24, 2002 by Jeff

6 Good, for now...

Encoding all the characters as html entities is quite ingenious. However, it shouldn’t take the savvy spambot developer long to convert all those entities back to characters…ugh!

posted at 07:12 am on May 24, 2002 by

7 a chink in the armour

My own pages use the trick mentioned in the article but it does have a fairly serious flaw that nobody has addressed: it relies on client-side JavaScript.

If a user has disabled scripting than they get nothing. I suppose they can always view the source code and re-assemble the e-mail address from the numeric equivalents, but who’s going to do that?

I’m starting to think a feedback form may be the only option.

posted at 08:07 am on May 24, 2002 by Dave Calam

8 Use flash?

You could always put your email link in a tiny swf. This of course comes with all the associated baggage but should keep the link away from spambots.

posted at 08:14 am on May 24, 2002 by

9 RE: a chink in the armour

I wrote a similar JavaScript encoder that addresses (no pun intended) this problem (i.e. users that have JavaScript turned off). Similar to the Hivelogic solution, it encodes the e-mail address in Unicode, as well as the mailto: porition, so spam bots can’t even detect that it is a mail link. Furthermore, it allows for non-JS browsers to be directed to a feedback form. Take a look at: [url=“http://www.gazingus.org/js/?id=106”]http://www.gazingus.org/js/?id=106[/url]

posted at 08:33 am on May 24, 2002 by Dave

10 Oops

Oops. That should be: http://www.gazingus.org/js/?id=106

posted at 08:40 am on May 24, 2002 by Dave

Discussion Closed

New comments are not being accepted, but you are welcome to explore what people said before we closed the door.

Got something to say?

Discuss this article. We reserve the right to delete flames, trolls, and wood nymphs.

Create a new account or sign in below if you’d like to leave a comment.

Forgot your password?

Subscribe to this article's comments: RSS (what’s this?)