I'm working on a site for a client, basically am recoding entire site in plain HTML b/c they don't want to go thru a CMS anymore... (plus the CMS was generating atrocious markup...)
so how could I go about this? can't do with forms, there a many different addresses on the site (lists of names with email addresses next to them..)
now I found this thread:
response #2 offers a back-end solution.. does this solution seem plausible?
how exactly would it work? if we just print address for duration of the session, would spam-bots still find it?
what other solution is there here? (maybe do one form for all addresses, passing the address in a query string when you link to the form? would that expose the address to spam-bots?)
Spammers definitely consider having the email address display in the web page to be a big pro for them regardless of how it is encrypted within the page. They can always employ a few thousand people from some country where a few cents an hour is a good wage to manually view web pages and record email addresses if they can't find any other way to get those email addresses.
As I said in my previous post, "There are pros and cons of both mailto links and contact forms ... Ideally, you'd give people the option of which method they want to use."
The disadvantage of email links is that there are lots of computers where they will not work at all such as schools, libraries, internet cafes etc. The only people guaranteed to be able to use email links are spammers since anything you do to try to block spammers from using an email link will also block at least 10% of your legitimate visitors who could have used the email link if you weren't trying to block the spammers. So if you do provide an email link then providing an email form is just about mandatory as otherwise you'd be blocking at least 15% of legitimate visitors from being able to email you and possibly a lot more.
That's true. Although if that happens, you can always set up a new address and give a bounce message on the old one instructing people to use the new one instead.
There are pros and cons of both mailto links and contact forms. The disadvantage of forms is that some people don't like them - they like using their preferred email client, which has spell-check, maybe formatting, plenty of space to write in rather than the postage-stamp-sized textbox that too many forms have, the option to save drafts and keep a copy of sent messages, no need to type your email address in with the concomitant risk of getting it wrong (which people do a lot). Ideally, you'd give people the option of which method they want to use.
I prefer to display foms than email addresses but when a customer asks for it, I must obey.
What I do is hide the email address into an standard URL.
In addition to that, I have the page "john.php" that redirects to contact.php (or any other page), where there is a contact form.
This technique provides :
- no email address into the page (neither HTML nor JS),
- email links on the fly for human users,
What is not covered :
- When the email addres is on another domain. I generally create a local alias that forwards to the real address.
The disadvantage of any method of trying to hide the email address in links is that once spammers figure it out there is nothing you can do to get that address back.
The way to protect email addresses from spammers is to use a form and add the email address after it is submitted. That way if you start getting spam you change the server side form validation to filter it out and they still don't have the address.
I've found that replacing the @ with & #064; (without the space, obviously) in both the href and the link text is quite successful at keeping the volume of spam low - it isn't foolproof, but it is effective.
The only way to stop spammers seeing mailto: links is to not use them. They are not very user friendly in any case since not everyone has an email program available for it to link to (eg. your local library or internet cafe).
Yes, of course it could work to a degree creating a server-side button to click before it actually revealed the e-mail link. Just like logging to this site needs you to click a button first before you can see additional content but I meant click a button and then it [server-side] will insert your mailto link into a paragraph, etc.
Also Using a mixture of Hexadecimal entity references (i.e., substituting random characters/letters) in a direct mailto does tend to work to some extent. Since if the spam-robot just scrapes a text string; the spam-bot will end-up trying to email things like the & ampersand character within an e-mail address - instead of a normal letter, that can be viewed by a human and browser, etc.
Try MobileFish.com they offer a script generator to hide email addresses.
oh brother, that last one was a stupid suggestion.. since email address would be in markup..
maybe link could be generated from back-end with address somehow obfuscated and then parsing when reach the form? or something like that??)