Clarifytech.com


Clarify Technical Services - Tip #2

Stopping spammers from harvesting email addresses from your website:

Applies to: Website Development.
Last updated: Sunday May 29, 2005

SUMMARY!

One of the nastiest tricks that spammers use are robot programs called "spambots". These "spambots" crawl all over the internet harvesting the e-mail addresses they find on web pages and adding them to large databases, which the spammers can then sell to other spammers as verified mailing lists, or use themselves to entice us to Find a Cheaper Mortgage, Buy Viagra Without a Prescription, or Get a Larger Body Part Now!!! The spambots work simply by looking for strings of text on web pages that follow the typical pattern of e-mail addresses, for example: you@yoursite.com
If we could prevent the spambots from seeing strings of text in that form, then we could prevent them from harvesting the addresses. The most successful method for accomplishing this is with the use of some simple Java script.

If we could prevent the spambots from seeing strings of text in that form, then we could prevent them from harvesting the addresses. The most successful method for accomplishing this is with the use of some simple Java script.

Note:

Web browsers need to be Java enabled for this to work, which is generally the case. However I have included a way of helping out those who's browsers are not yet java enabled or don't have java installed. This is done with a redirect page called mail.htm which also contains a link the java.com.

TECHNICAL DETAILS

The typical way to embed a "mailto" link in HTML code is as follows:

Send e-mail to <a href="mailto:you@yoursite.com">you@yoursite.com</a>

which would display as:

Send e-mail to you@yoursite.com

In most common browsers, passing the mouse over the link causes mailto:you@yoursite.com.com to appear in the browser's status bar, and clicking the link will launch the user's e-mail program with you@yoursite.com already filled in as the destination address. We only need to make a little modification to this scheme incorporating some JavaScript to fool the spambots. Code the "mailto" link like this instead:

Send me an <a href="mail.htm" onmouseover="this.href='mai' + 'lto:' + 'you' + '@' + 'yoursite.com'">e-mail</a>

This will display as:

Send me an e-mail

Or

<a href="mail.htm" onmouseover="this.href='mai' + 'lto:' + 'you' + '@' + 'yoursite.com'">Mr. you</a>

This will display as:

 Mr. you


Note that I've altered the text so as not to display my e-mail address on the page. (You might think that this alone would be enough, but it isn't. The spambots would still read your address from the <a href="mailto:you@yoursite.com"> tag if you used the conventional method.)

But here's the real cool part:

If the user's browser is JavaScript-enabled, then passing the mouse over the link will cause mailto:you@yoursite.com to appear in the browser's status bar. And clicking the link launches the user's e-mail program with you@yoursite.com as the destination address.

This happens because the browser reads and interprets the onmouseover code within the link tag, adding together the fragments mai, lto:, you, @, and yoursite.com into a single string mailto:you@yoursite.com and turning the string into a link. Breaking up the link text in this way is all that we need to do to stop the spambots.

If the user's browser is not JavaScript-enabled, then the onmouseover code is simply ignored. Clicking on the link will then take the user to the page specified in the href attribute of the link tag, which in our example is mail.htm.

This page is one you create to explain to your JavaScript-challenged site visitors what you're up to, and it's easier to show you an example than to describe it. Take at look at my version for this site. You can also download a text file to make it simple for you to create your own file. Just right click in the link and select "save target as". Text file text version .

PROCEDURE

It's just that easy. Simply copy and paste the code below into notepad or any other text editor, and replace you, yoursite.com, and link text with whatever's appropriate for your site.

<a href="mail.htm" onmouseover="this.href='mai' + 'lto:' + 'you' + '@' + 'yoursite.com'">Linktext</a>


which will display as:

Linktext

If you'd prefer your link text to display something that looks like your e-mail address, then you could do something like this:

<a href="mail.htm" onmouseover="this.href='mai' + 'lto:' + 'you' + '@' + 'yoursite.com'">you[at]yoursite.com</a>

which will display as: 

you[at]yoursite.com

and which will function in exactly the same way. If you have several e-mail addresses, perhaps for a number of people in your organization, you can list their names against their addresses in the style shown on my example, all on a single page.

Now cut and paste the edited html code into your own web pages using your favorite editor. Don't forget to upload your new pages to your web server and test them.

Note:

If you are using Microsoft FrontPage to build your website, you will have to do these edits in the HTML window since FrontPage will add its own HTML tags to the code strings you enter into the page from the Normal window. A good alternative is to open the pages in Notepad and edit them this way.

CREDITS

I would like to thank Andy Walker for tipping me off to this. - www.cyberwalker.com