Don’t Broadcast my Email!

Students in web design are creating (possibly) a new web site for the ITL department. But one thing that is always important to me is making sure that everyone know how to publish email links without just putting them out there for spam-bots to harvest. There are all sorts of complicated ways to prevent this; but there are also some very simple ways that can limit the nefarious spam industry. Here are the simple ones in order of complexity:

1) You simply use the [amp#64;] character instead of the @ sign in your code. This is quite easy; but there are numerous email harvesting spiders that can reconstruct this, so the amount of protection is very minimal.

2) You could also use characters or even type the address differently to obfuscate the address: name (at) washjeff _dot_ edu. This works a bit better, but depending on the formulae, most of these have been cracked; and from a user-interface perspective it can create effort on the part of the sender. This is a less than ideal solution if you actually want people to contact you. Plus, its pretty easy to de-munge.

3) In your code you could replace the actual text with hex values for the characters. This provides a bit more protection that the steps above, but there are still bots that can crack it. That being said, unless you are attracting spammers, it’s probably enough protection. Most certainly, it’s better than nothing! You can find tools online that will generate this for you. This is probably the course of action that you want to take if you are avoiding javascript.

4) You can use javascript to obfuscate the email address. As long as users have javascript enabled, they will see a clickable email address, but the bots will encounter javascript. It’s only a matter of time until this process becomes less effective; but thus far it still works well for me and the organizations I’ve done development for. I use the online tool Enkoder to generate the javascript for me. Supper-easy.

Of course there are better ways to do this - you could create a form, use captchas (annoying), or use a php script to protect email addresses. But truthfully, the javascript method works well enough unless you are being targeted and it is much better than just posting the email address out there where anyone can see it. Publicly broadcasting email addresses is a sure indicator of novice development - you don’t want to do it.

Posted by Fee in • EducationTutorialWeb Development
(0) Comments • (0) TrackbacksPermalink

Next entry: Education Doesn't Need Technology

Previous entry: Flash is Dead

Comments:

Add your own comments:

Commenting is not available in this weblog entry.