Html Encoding Of Email Addresses (stop Harvesting)

Many people leave his e-mail address on the homepage of his site. That is spammer's favorite. They can browse your site and catch the email addess in their list. Then a lot of garbage email will be sent to the email address.

There are lots of solusion for the problem. One is to use a hyperlink to another website to redirect the email address. It seems a little complicate.

Another is html encoding. That is, each alphabet of the email address will be enconded. For example, "this@is.a.test" will be enconded into "this%40is%2Ea%2Etest". The encoded string seems nonsense, but it works. As long as you put "this%40is%2Ea%2Etest" within your html code, then "this@is.a.test" will be exactly shown on the page.

How to do this? Don't worry, w3school.com give us a useful tool to do it, referring to http://forums.xisto.com/no_longer_exists/.

Edited July 29, 2005 by microscopic^earthling (see edit history)

another thing that I've seen a lot of webmasters do is something along the theme of webbyNOSPAMatnevernormaldotcom....a spammer has to literally reedit the email address to remove all the excess to put you on their lists.

i would just creat a e-mail account account somewhere and they can spamm me all they want, but the no harrvesting thing might help a lot of ppl.

Not so sure how reliable this is. I remember doing this before in the past and it doesn't seem to work. I still got lots of spam and virus emails. I'm sure they decoded it somehow. Spammers are getting smarter and smarter arrggg.

Two methods that I hear that are effective against email leechers is:

1. To use javascript instead and piece your email address together. Just assign a variable to your main username, the @yahoo or whatever part, and then the domain (.com, .net, etc...). Then just combine all three parts into your full email. I know some popular sites that use this. Not sure how effective though since I haven't given this a spin myself.

2. To use an image displaying your email address. OK, this one I definitely gave a try. Seems like these idiots have too much time on their hands though. I had more spam and virus emails coming in than when I had my emails in plain text. So I just took down the image.

The safest and most effective method to prevent getting spammed is to use a contact form. Don't just use any ordinary form like a plain HTML one. I searched for this and found that if you use a PHP contact form, there is no way they can get your email address and spam you. They can still spam you, but they will have to do it manually by filling out the required fields and then hitting the submit button. Probably more work than it's cut out for them LOL. I have looked and found a handful of PHP contact forms. Didn't like any of them except for this one. Setup should be a breeze and before you know it, users can start using that to contact you.

Just for the purpose of this post, those who are interested don't need to do this manually by using that ASCII table. Just go to a site like this one and it will encode the email for you. But like I said, it doesn't seem to be effective.

What I've seen a lot of sites fo to keep email addresses from being spammed, yet allowing the website owner to be contacted is to make the email address a jpg or gif file. That way, the email address can be copied by those who really want to contact the person and the spammers get nothing for all their attempts at harvesting.As hard as one tries, these spam harvesters will continue to get their booty. They want those addresses and they get them.Just remember never to click on an email you've received if it is from an unknown person. It will keep your viruses down and it will make reading your important mail much easier. Delete is such an easy thing to do.

What is harvesting?

Cheesecake, harvesting is one way that spammers get a list of email addresses. There are programs that go to different web sites on the internet and they find or harvest as many email addresses as possible.Ever wonder why you get so much spam?Spam is unwanted email sent to you by those who have gotten your email address thru a variety of means. Fill out a request for a sample of aspirin, send an e-card, register as a member of a forum and your email is out there.It is a multi-million dollar problem and costs website owners a lot of grief, not to mention those who receive the spam in their in-boxes.

Just for the purpose of this post, those who are interested don't need to do this manually by using that ASCII table.  Just go to a site like this one and it will encode the email for you.  But like I said, it doesn't seem to be effective.

<{POST_SNAPBACK}>

The link is very cool. I have a question after I saw the link. May whole page be encoded as that? If it does, is there any benefits?

The link is very cool. I have a question after I saw the link. May whole page be encoded as that? If it does, is there any benefits?

Yes, you can encode the whole webpage basically similar to that. There is a free program called HTML Cipher which will do just that. It will encode everything for you, including the emails.
Benefits? Probably not much. Like I said, these spammers/harvesters are getting smarter and smarter each day. I'm sure they know how to decode this automatically by now.

If you encode the whole page, there might be some benefit if you don't want users to see your source code. HTML Cipher also provides features to, in a way, "secure" your webpage so the source code can't be viewed easily. But there's always a way around this. And like the email method, it can be decoded within minutes.

My suggestion is to go with the contact form. Take a look at mine here. No email address to be shown anywhere there. It's just using PHP to do all the processing behind the scenes

Just like WeaponX, I think simply replacing "ats and dots" with their well known html-encodings won't do.

I am working at a university and had to learn that university web sites are a paradise for harvesters

For our department I decided to use the javascript technique, combining cloaking and putting pieces together. The idea is to let the harvesters not even discover that there is an e-mail address on the page...

<a href="javascript:send2('ex a, mp, le#u n,i-er lan,,gen,,!d e')">

As you can see, the traitorous bits are cloaked and some meaningless chars are inserted.

A colleague of mine has developped a different solution (using server side scripting, of course): email addresses will not be shown before the visitor has proved to be human.
His explanation is in German but I am sure you will guess the idea behind it:
http://forums.xisto.com/no_longer_exists/

Calixt