Best Method For Foiling Email Harvesters? 506
pjp6259 writes "One of the common ways that spammers generate email mailing lists is by harvesting email addressess from websites. But in many cases you also need to make it easy for your customers to reach you. I have found three common solutions to this problem: 1.) Use an image to replace your email address. 2.) Use ascii encodings for some/all of the characters. 3.) Use javascript to concatenate and/or obfuscate your email address. Which of these methods are most effective? Are email harvesters able to interpret javascript? What do you use?"
SpamGourmet.com (Score:5, Informative)
Makes it trivially easy to create a unique forwarding address for any website you care to visit, then set the domain of that site as an exclusive sender for that address.
If a 3rd party starts spamming you at that address, Spam Gourmet just drops it, but continues to deliver relevant mail.
Oh, and it's completely free.
Re:Make people think to figure out your e-mail (Score:5, Informative)
Exploit poor coding standards. (Score:3, Informative)
Another method.. (Score:5, Informative)
I then use separate email addresses for everything I sign up for. E.g. my bank email address is different from my health fund email address, which is different from my all of mp3 email address etc. I use a little code which isn't obvious(similar to a lookup table) to code each website into the username portion of the email address... That's why I'm a little annoyed at allofmp3.com at the moment, as I've supplied two email addresses to them on only two occassions, and both are huge spam recipients. So it's clear that not only does their financial arm sell my email address, but their online store does too.
This method is good for 2 reasons: It's very easy to direct all email from particular addresses straight to the trash should they become spam targets and secondly, it's very easy for me to figure out (such as the allofmp3.com case) who sold my email address to spammers and when.
Re:Make people think to figure out your e-mail (Score:2, Informative)
I added a checkbox which was checked by default saying "I'm a spammer" and a short explanation for people to uncheck it.
A couple of days later I started getting spam again.
Spammers aren't always stupid people (if you don't judge them by their actions).
Next thing was adding a captcha (from Free captchas [captchas.net]) and now I don't get any spam anymore.
Re:Fuck 'em! (Score:3, Informative)
I think it works best on an individual basis, really. You could let everyone in the domain know that there's an option available which would help cut down on spam but might occasionally delay e-mails. For some people this will be completely unacceptable, but others will jump at the chance to reduce spam.
Re:Make people think to figure out your e-mail (Score:2, Informative)
http://email.calpoly.edu/spam/HarvestingPrevent
Another is tricky html tags... http://www.web-designz.com/tools/email_encoder.sh
Re:Javascript is evil and often broken (Score:2, Informative)
function DoEmail(Encoded) {
Encoded = Encoded.replace("ZAP","");
Encoded = Encoded.replace("ZING","@");
Encoded = Encoded.replace("ZOO","@yourdomain.com");
window.location = "mailto:" + Encoded;
}
Any e-mail links would point to the javascript function like so:
<a> href="javascript:DoEmail('JohnZAPSZOO')" alt="Remove underscores in the following e-mail: John_S_at_yourdomain_dot_com">John Smith</a> It works fine, and exactly like a mailto: link to the end user (except for statusbar stuff)
Re:Make people think to figure out your e-mail (Score:3, Informative)
-Jar.