Anti-spam strategies: Difference between revisions

From UUWiki
Jump to navigation Jump to search
(added "Include a subject line")
No edit summary
Line 20: Line 20:
name at email.org      name at email.org
name at email.org      name at email.org
name&amp;nbsp;@&amp;nbsp;email.org        name&nbsp;@&nbsp;email.org</pre>
name&amp;nbsp;@&amp;nbsp;email.org        name&nbsp;@&nbsp;email.org</pre>
==Mundge your addresses==
This is a better way to disguise address since 1) the links still work for humans, and 2) spammers are soon gonna figure out about Mailman-style obfuscation.  See [http://www.brettglass.com/spam/paper.html#WebPageHarvesting Stopping Spam and Malware with Open Source] by Brett Glass for complete details.


==Invisible HTML==
==Invisible HTML==
Line 25: Line 29:
If you insert meaningless html into an e-mail address then the Spambots will not recognize the e-mail address pattern, but when it is rendered for the end user it will be in the correct format.  For example "<NoSpam>Username@</NoSpam>domain.tld" will render to the end user as "Username@domain.tld" with the meaningless tags dropping out.  The advantage over images being the ability for the user to cut and paste the address.
If you insert meaningless html into an e-mail address then the Spambots will not recognize the e-mail address pattern, but when it is rendered for the end user it will be in the correct format.  For example "<NoSpam>Username@</NoSpam>domain.tld" will render to the end user as "Username@domain.tld" with the meaningless tags dropping out.  The advantage over images being the ability for the user to cut and paste the address.


==Server Side e-mail Form==
==Server Side Form instead of an Email Address==
Spambots can not collect information that is never displayed.  If you have the ability to use server side scripting then you can create an "E-mail Me" form for user to fill out.
Spambots can not collect information that is never displayed.  If you have the ability to use server side scripting then you can create an "Contact Us" form for users to fill out.


This could further be beneficial by setting up standard subject lines or body content (subject "E-mail from online form").  That way if you are running spam filters on your e-mail account you can make sure that e-mail submitted from online forms are not filtered.
This could further be beneficial by setting up standard subject lines or body content (subject "E-mail from online form").  That way if you are running spam filters on your e-mail account you can make sure that e-mail submitted from online forms are not filtered.
Forms can take user input and email it to a list, sort it, stuff it into a log or database, or perform any desired operation including any combination of the above.  One disadvatage: if the vistor does not enter their email address correctly, you won't be able to respond to them with email.


==Include a subject line==
==Include a subject line==


With all the spam we're getting, it's best to write your own subject line so that you can catch the message when it comes into your In Box or accidentally sorts into your Spam Box. This can be done on standard mailto links, javascript links, as above, and server side email forms.
With all the spam we're getting, it's best to write your own subject line so that you can catch the message when it comes into your In Box or accidentally sorts into your Spam Box. This can be done on standard mailto links, javascript links, as above, and server side email forms.

Revision as of 14:51, 22 September 2004

Putting email addresses on web pages is sure to result in spam being sent to the address, since many robots harvest them for spammers. Currently, most of the robots can be thwarted by these simple methods. But they will probably get smarter over time.

Use a image of an email address

Email Image Generator

JavaScript replacing Mailto

Davies Memorial UU Church uses a no-spam javascript. You need to put it both in the header and replace each mailto link. The drawback is that browsers with javascript disabled will not be able to use the links. Also, see below for "Include a Subject Line".

Text email addresses

You can create text for the email address with "at" replacing "@" and have spaces on either side of the word as is done in the Mailman list archives and subscribers' lists for UUA email lists (accessible only by list subscribers). For instance, dmuuc at dmuuc.org. One would have to view it and reform it into an email address. Most spammers wouldn't be bothered. You can create text for the email address with "at" replacing "@" and have spaces on either side of the word as is done in the Mailman list archives and subscribers' lists for UUA email lists (accessible only by list subscribers). For instance, dmuuc at dmuuc.org. One would have to view it and reform it into an email address. Most spammers wouldn't be bothered.

To make sure your text email addresses stay together on one line, use some variation of this markup:

     Source                             Result

name&nbsp;at&nbsp;email.org       name at email.org
name&nbsp;@&nbsp;email.org        name @ email.org

Mundge your addresses

This is a better way to disguise address since 1) the links still work for humans, and 2) spammers are soon gonna figure out about Mailman-style obfuscation. See Stopping Spam and Malware with Open Source by Brett Glass for complete details.


Invisible HTML

If you insert meaningless html into an e-mail address then the Spambots will not recognize the e-mail address pattern, but when it is rendered for the end user it will be in the correct format. For example "<NoSpam>Username@</NoSpam>domain.tld" will render to the end user as "Username@domain.tld" with the meaningless tags dropping out. The advantage over images being the ability for the user to cut and paste the address.

Server Side Form instead of an Email Address

Spambots can not collect information that is never displayed. If you have the ability to use server side scripting then you can create an "Contact Us" form for users to fill out.

This could further be beneficial by setting up standard subject lines or body content (subject "E-mail from online form"). That way if you are running spam filters on your e-mail account you can make sure that e-mail submitted from online forms are not filtered.

Forms can take user input and email it to a list, sort it, stuff it into a log or database, or perform any desired operation including any combination of the above. One disadvatage: if the vistor does not enter their email address correctly, you won't be able to respond to them with email.



Include a subject line

With all the spam we're getting, it's best to write your own subject line so that you can catch the message when it comes into your In Box or accidentally sorts into your Spam Box. This can be done on standard mailto links, javascript links, as above, and server side email forms.