After getting sick and tired of all of the junk mail that my company receives from having our email addresses on our webpage, I have decided to convert all of the e-mails on the webpage to images. This should prevent any scripts or bots used to harvest emails from grabbing the addresses from our yet still enable people with legitimate inquires to find our email addresses and contact us.

Additionally, I thought I would set a little trap for all the spammers out there who harvest email addresses. I left one e-mail address up. This address is an alias stack which will forward to the FTC and my SpamCop account and is clearly marked on the page that it will do so (of course, the bots won't see that ;-) )

I'm hoping that this will reduce the overall level of spam to my company. What do you folks think?

If want to check out the deployment first hand, my page is www.earthsunmoon.com

The graphic e-mail addresses look like links. I suggest linking to a contact page that generates an e-mail (like this: http://www.skolnick.org/contact.shtml). Be sure that there isn't an e-mail address encoded in a form variable or the script invocation; just because the address isn't visible on the page doesn't mean a harvester won't get it! I had to edit one of the open source e-mail scripts to work the way I wanted.

I used to cringe :mad: when I saw all the bots banging away on my "Guestbook" page, so I also changed it to use image email addresses. (Since the addresses aren't "mine", a "Contact" page doesn't seem appropriate.)

Not exactly the ideal solution, but it sure has cut down the number of hits to my Guestbook page.

Some other ideas are in this thread (http://aota.net/forums/showthread.php?s=&threadid=10588).

esmtim,

Even though it seems that no live, non-spamming person should be sending email to a "spam tricker" email address posted on your website, I would urge caution in completely automating something of this type. In fact, it does happen, somehow (don't ask me how...typos or something), that innocent email is sometimes sent to spamtraps.

I would recommend hand-reviewing any email before forwarding it to the FTC.

Also, I certainly hope that you will still be having to manually finish the spamcop reporting process on their web pages?

The reason I ask, is that earlier this year, someone who was receiving the mailing list I run for AP Computer Science Teachers, had a mail administrator who had set up some sort of filtering on "key" words to automatically be reported to SpamCop as spam, with no human review at all (unbeknownst to my list subscriber). When a computer professor at Cal Tech posted a message to the list with the word "FREE" in all caps, advertising a free, online Java workshop for teachers, it triggered this administrator's spam filters, and I was reported to spamcop as a result, blacklisting my mail server for a few hours.

Therefore, I urge caution. Those who are reported for spamming can suffer severe consequences, including termination of their ISP access or other Internet services. It would be a shame that some innocent person suffered such a loss as a result of automating spam reporting. Please, always manually review any mails before reporting them as spam.

skolnick sezI suggest linking to a contact page that generates an e-mail (like this: http://www.skolnick.org/contact.shtml). Be sure that there isn't an e-mail address encoded in a form variable or the script invocation; just because the address isn't visible on the page doesn't mean a harvester won't get it! I had to edit one of the open source e-mail scripts to work the way I wanted.

Where can I find a simple, easy to install, and free script to accomplish this? If I have to do any editing to the script it probably won't work because I am an ignoramus with a capital G!

The bad thing about a contact form instead of a mailto link is that some people just don't know what their email address is. I think this is why I prefer an image.

some people just don't know what their email address is That occured to me, too. Not that anyone wouldn't know their address but that it would be too easy to make a spelling mistake and then replies would go to the wrong address or nowhere at all. Possibly making them enter it twice would help but that's a pain, too.

I do not know if this is a concern of anyone in this discussion, but if your site has any visitors who are visually impaired and use a screen reader, they will not be able to use an image to get the email address. Unless, of course, you include the email address in an alt tag, which defeats the whole purpose.

Here is a screen reader simulation, if you would like to see what it is like for visually impaired to surf the web:
http://www.webaim.org/simulations/screenreader

Originally posted by Binky:
Where can I find a simple, easy to install, and free script to accomplish this? If I have to do any editing to the script it probably won't work because I am an ignoramus with a capital G!
Hmmm. A script that requires no editing would have to read your mind. That's asking a lot!

Try the mail script ("Formmail") from nms (http://nms-cgi.sourceforge.net/scripts.shtml). The configuration is minimal, the directions in the readme are excellent, and it has a built-in capability to conceal your e-mail addresses.

I hadn't thought about that. I wonder if you could use a phonetic spelling in the ALT tag?

A script that requires no editing would have to read your mind. That's asking a lot! Surely there's some mindreading software out there. Preferably free. ;)

Oh, I suppose I can edit a config file. I just meant that if there was hacking involved it would probably be beyond me.

This is how I display my email address on my website:

andi@NO SPAM.BOTSandilinks.com

I use a different color and smaller font size for the "NO SPAM.BOTS" portion. This has the advantage of being able to be copied and pasted into a mail form with the spambot portion simply deleted out instead of requiring a complete transcription from a graphic image. Another variant that I've used is andi at andilinks dot com.

Andi