Spam-Proofing Your Web Site
Three Harvestable Addresses On One Page
When I took a look at the URL of a web page maintained by
someone who had asked for assistance,
I found three harvestable addresses.
One in a META tag:
Another was in a mailto link:
The third was in a link to PayPal, as in
Although all of these are in the source code, not visible to humans
viewing the web page, they are visible to robots and easily
harvested.
Hiding Email Addresses on Web Pages
Many methods have been devised to hide email addresses on web pages.
A few are discussed below.
Methods that require no email address on the web page, visible or hidden,
are also discussed.
The Most Effective Method of Hiding an Email Address
The most effective method, in my view, is publishing the address as an
image. (The text version of the email address should appear nowhere on the
page, not even in the source code.) The email address is visible to
humans viewing the image, but harvesting robots probably are unable
to extract it.
Humans can read the email address and type it into
their email program.
Granted, that is a bit of a bother for folks who prefer to click
something and their email program launches with the destination
email address pre-filled in.
Typing the address anew also introduces
the likelihood of errors.
Linking To Hidden Email Addresses
For linking, the image with the email address, as discussed above,
can be used.
Linking must
be in such a way that the text version of the email address exists
nowhere on or in the web page or its source code.
HTML Obfuscation Schemes
Various HTML obfuscation schemes exist. The obfuscation is probably
more effective on humans than on robots. All HTML encoding I'm aware
of can be reversed with a line or three of programming code.
JavaScript Obfuscation Schemes
Various JavaScript methods exist to hide email addresses. These
probably work, for the most part, especially the more convoluted
ones.
But it's only a matter of time before a JavaScript engine is
incorporated into the harvesting robots, if it hasn't already been
done. Although I've never done this myself, I'm thinking if people
can build browsers that understand JavaScript, they can also build
robots with the same ability. Open source browsers do exist, so the
programming won't have to be from scratch.
Then, JavaScript that reveals email addresses to humans will also
reveal the addresses to harvesting robots.
Obfuscation Schemes Will Fail
My psyche doesn't resonate well with the idea of spamming, so maybe
I'm way off base. But it seems to me that "hidden" email addresses
are more likely to be valid and deliverable. They must be considered
valuable since someone expended the effort to hide them. This could
be an incentive to develop JavaScript-enabled harvesting robots.
Removing Email Addresses from Web Pages
Here are three methods that allow the web site user to click on
a link and write an email. The first method opens the user's
email program. The second and third methods present a form to the
user — one for single-destination communication
and the other for variable destinations.
Using Master Spambot Buster
Master Spambot Buster
(free) uses a regular
http://... link to launch the user's email program with the
destination email address pre-filled in.
It's great for newsletters,
news groups, and web pages.
For web pages, a self-closing popup is
used because the transition from HTTP protocol to MAILTO protocol
causes some browsers to display an otherwise blank "Found" web page.
The popup hides that potentially confusing web page, but that fact
also makes it unusable with some popup blockers.
Using Master Feedback
Master Feedback
(free) is a web page form handler designed at the start to help
spam-proof web sites.
Master Feedback
can handle simple and complex feedback/contact forms and is designed
to resist attempts at form hi-jacking, another nasty spammers' trick.
Using Master Form V3
Master Form V3
($49) can be used to send the email address in two or more pieces,
in hidden fields, to a form template. This is ideal for pages with
many email destinations on a web page.
This does not actually remove the email address, but because it is in
pieces separated by other HTML code and/or content, it is unlikely to
be reconstructed automatically by harvesting robots.
That form can then be used to send a message
to the email address, with the address being reconstructed
by Master Form V3
only when the email message is ready for sending on the server.
Email technical support is always free for
Master Form V3.
If you require assistance setting this up, simply send support a
request.
To remove the pieces of the email address completely,
Master Form V3
can be modified to look up email addresses in a file hidden on the
server, so a code can be sent to the template instead of the broken
up email address.
Master Form V3
is designed to prevent form hi-jacking, which is another nasty spammers' trick.
(In case the idea of feeding junk email addresses to harvesting
robots is raised, let's not. The bad spammers spoof From: and
Return-Path: addresses in the emails they send. Every undeliverable
email will then be returned to an innocent's email box, not to the
spammer's.)
Will Bontrager
©Copyright 2006 Bontrager Connection, LLC Bontrager Connection, LLC
Please note:
Articles on this website are presented "as is". However -
If you have a question about a CGI script, HTML, CSS, PHP, or JavaScript
Ask one of our Experts and you'll have your answer!
Click here for details.
