Jump to content

Email Addresses On The Webpage


Recommended Posts

I am building a site for a small company that has provided me with a list of 16 individuals that need to be identified on their website. The owner of the company will not allow me to make a PHP form for them. He insists that he wants individual email links for these 16 people!


Though I have tried to explain the result of this very poor decision, he insists.


I have looked at encoders, obfiscators, etc even found a very cool version that allows you to require the user to fill in the letters shown in the picture (the challenge) which bots would not be able to do....



BUT....Couldn't I go the easy way.... List the names, addresses, phones for each person and provide link that says GET EMAIL ADDRESS. Tell them to fill in the password (text shown in a jpg image) to access the email link. The password code could be ASP or PHP for the individual email address page, and the code would not show in the webpage itself. Even if linked from an outside source, a password would still be necessary to access the page. The protected page would have regular mailto: links on it.


Bots would not be looking for a password like that and since the email links themselves would be unavailable to the bots, they would be safe from harvesters.


Anyone see a downside to this? Do I need to post a sample?

Link to comment
Share on other sites

I was not going to ASK him about the new idea...just implement it. Then have him test it. If it is simple he will agree.


He thinks it would cause 2-3 spams a day to a few addresses and will not accept that it's possible to get more than that per day! He has never published the addresses in print and has never had a site before. If he only wanted one general address, I would go ahead and make it public. If I just throw his 16 employee emails out on the web, live open links, spammers will eat them up. In good conscience, I can not do that for so many addresses. Sometimes you just have to protect someone from that kind of MAJOR problem!


Yes the encoding issue has the downside that some people have things turned off and do not know how to turn them on. That's why I thought of the simple password to get to the email address page. No problems with blocking...allow customers in, keep spam bots out.


Can you see any downside to doing that?

Link to comment
Share on other sites

I understand your frustration. The only downside to your idea is they have to give out the password to have people access it. So if you have to contact the people with the password why not just give them the email address and thus not have to put it on the site at all.


Never mind I just re-read what you wrote about making the password a jpg image. So no I don't see a downside except for the extra step people have to make to send an email.

Link to comment
Share on other sites

The downside is, as Bruce said, an extra step for people to muddle through. Weigh the alternative and see if it's worth it.


If you have time, which it seems you may not, make a fake/temp email account on your TCH account and throw that address in a plain mailto: on the front page of one of your most popular pages and let it sit a couple of weeks and report back to him the tens or hundreds of spams you get in that time.


Right now I only have one address in plain text on the web and that's because it is in links to my client's site from other fishing directories. There's only about a dozen places it is listed and most are just text, not a mailto, but I have 3800 spams in my spam folder and they go away after 30 days.


This means that I'm averaging about 127 per day and at least 90% are from that one address. My church gets only the ones that someone manually harvests. Dunno if it will help make your case but feel free to use the example and if you need anything else just PM me.

Link to comment
Share on other sites

How about a contact form?


One that just lists say thier names (or departments), the person enters THEIR email address and text and out it goes. They (or bots) never know or see the address the email gets sent to. When the person gets the email, then they can reply if they want.

Link to comment
Share on other sites

The owner of the company will not allow me to make a PHP form for them (my preference).


Will make a sample that offers the encryption and the password technique and give him the choice. Even if it is not as secure in the long run, I expect he will go with encryption because it will not be obvious to his visitors.


Thanks for input folks!

Link to comment
Share on other sites



At the end of the day, nothing is going to stop a spammer from sending an email to an email address, they don't even have to know it exists, e.g. many people who have sites have say administrator@mydomainname.com or webmaster@domainname.com and hence spammers just pick the "mydomainname" and just send it, regardless of whether they have seen it or not.


Whilst I can not see a problem with the JPEG its just another step.


I would suggest using javascript. I have one that jumbles it all up on the page / code but clicking on the link actually gives the correct @ address.


Just a thought



Link to comment
Share on other sites

Final result... No password/image or javascript either.


Used the complete MAILTO obfuscation - combination of Hexadecimal and ISO characters from this page.



Client likes result:

- visually plain email link, using staff name for link

- has floating tooltip for each link that says "click here to email Bill", etc.

- preloaded subject in email


I have warned him that eventually a spambot will capture those addresses. (hopefully it will be a while)

He accepts that and is content.


In the end, if he is happy, that is all that counts. :)


Thanks for the input and opinions.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...