Hints for getting around email addrs harvested from web pages?

Discussion in 'HTML' started by David Dorward, Jun 16, 2005.

  1. (PeteCresswell) wrote:

    > Now, of course, I'm getting spammed daily to the link's address.
    >
    > Are there any strategies for avoiding or mitigating this - short of the
    > brute force approach of constantly changing the address?


    Get some decent anti-spam software on your server, such as Spam Assassin or
    Pure Message.

    --
    David Dorward <http://blog.dorward.me.uk/> <http://dorward.me.uk/>
    Home is where the ~/.bashrc is
    David Dorward, Jun 16, 2005
    #1
    1. Advertising

  2. David Dorward

    Domestos Guest

    Interesting one that...

    I'm sure there is some clever way to do it - cos i'd be interested too !!

    I've cut down on my spam ten fold by not including it in my NG profile
    though... don;t forget all these get put online too !!!

    Domestos

    "(PeteCresswell)" <> wrote in message
    news:...
    > I foolishly embedded a bunch of "MailTo" links in a high school class

    reunion
    > site.
    >
    > Now, of course, I'm getting spammed daily to the link's address.
    >
    > Are there any strategies for avoiding or mitigating this - short of the

    brute
    > force approach of constantly changing the address?
    >
    > Also, if changing the addr is the only option, is there a workaround for

    the
    > legitimate users who would use it in the future? i.e. some kind of
    > forwarding/bounce scheme where the user gets a note telling them what the
    > revised address is - but which wouldn't be read by a spam generator?
    > --
    > PeteCresswell
    Domestos, Jun 16, 2005
    #2
    1. Advertising

  3. I foolishly embedded a bunch of "MailTo" links in a high school class reunion
    site.

    Now, of course, I'm getting spammed daily to the link's address.

    Are there any strategies for avoiding or mitigating this - short of the brute
    force approach of constantly changing the address?

    Also, if changing the addr is the only option, is there a workaround for the
    legitimate users who would use it in the future? i.e. some kind of
    forwarding/bounce scheme where the user gets a note telling them what the
    revised address is - but which wouldn't be read by a spam generator?
    --
    PeteCresswell
    (PeteCresswell), Jun 17, 2005
    #3
  4. Per Domestos:
    >I've cut down on my spam ten fold by not including it in my NG profile
    >though... don;t forget all these get put online too !!!


    As you can see by the return address on this message....

    I learned that one the hard way too. Way back, I had unlimited addresses so I
    thought I'd be cute and supply a NG-specific address on each post.

    Now, however, I'd say that the dictionary attacks outweigh the spams from those
    NG posts 10:1. But, since my domain gets 7,000-8,000 spams per day that's
    still a significant number.

    The other bit of advice I'd offer up is to not use your name, nickname, or
    anything remotely resembling same. Instead use initials or, better yet,
    meaningless combinations like "". That should thwart the
    dictionary attacks.
    --
    PeteCresswell
    (PeteCresswell), Jun 17, 2005
    #4
  5. (PeteCresswell) wrote:

    > I foolishly embedded a bunch of "MailTo" links in a high school class
    > reunion site.
    >
    > Now, of course, I'm getting spammed daily to the link's address.
    >
    > Are there any strategies for avoiding or mitigating this - short of the
    > brute force approach of constantly changing the address?


    1) The best solution is to avoid the disclosure of your address to begin
    with, or having a hierarchy of mail boxes. Each box should have a different
    set of rules applied, e.g. some will sit behind a boxtrapper, some will be
    checked periodically yet only once a week, and some will have software like
    SpamAssassin in place.

    2) Since you already got 'filth' in one of your live boxes, create a new
    one, forward all mail from the old one to the new one, but also flag
    forwarded mail so that you know which message came from (to) where. Change
    your reply-to address to ensure that all correspondents slowly begin to
    write to the new address. At some stage, the old address (the flagged
    messages) will contain nothing but spam so you can say farewell and refer
    to point (1). Unfortunately, I learned this the hard way after some
    unpleasant experiences.

    > Also, if changing the addr is the only option, is there a workaround for
    > the
    > legitimate users who would use it in the future? i.e. some kind of
    > forwarding/bounce scheme where the user gets a note telling them what the
    > revised address is - but which wouldn't be read by a spam generator?


    Add a 'Vacation message' to the old account. Everyone who writes to the old
    account will know that you may check that address once a week. Clarify that
    and do _not_ include your new E-mail address, or else spammers will receive
    that too.

    Here is my automatic reply for deprecated accounts:

    ---
    *** THIS MESSAGE IS AUTOMATICALLY GENERATED ***

    This E-mail account was closed due to the high volume of incoming bulk mail.
    It may take me a while to read your message.

    Apologies,
    <Your Name>
    ---

    Hope it helps,

    Roy

    --
    Roy S. Schestowitz
    http://Schestowitz.com
    Roy Schestowitz, Jun 17, 2005
    #5
  6. David Dorward

    Toby Inkster Guest

    Toby Inkster, Jun 17, 2005
    #6
  7. David Dorward

    Simon Guest

    >
    >> I foolishly embedded a bunch of "MailTo" links in a high school class
    >> reunion site.

    >
    > Crazy fool!
    >
    > http://examples.tobyinkster.co.uk/email-hide
    >


    I don't allow JavaScript so I would not be able to contact you.
    ..
    And _if_ the spambot were interested it would not take too long to break
    your code.
    The get enough addresses without having to bother about breaking your
    script, but if they wanted to they could.

    Simon
    Simon, Jun 17, 2005
    #7
  8. David Dorward

    N Cook Guest

    "(PeteCresswell)" <> wrote in message
    news:...
    > I foolishly embedded a bunch of "MailTo" links in a high school class

    reunion
    > site.
    >
    > Now, of course, I'm getting spammed daily to the link's address.
    >
    > Are there any strategies for avoiding or mitigating this - short of the

    brute
    > force approach of constantly changing the address?
    >
    > Also, if changing the addr is the only option, is there a workaround for

    the
    > legitimate users who would use it in the future? i.e. some kind of
    > forwarding/bounce scheme where the user gets a note telling them what the
    > revised address is - but which wouldn't be read by a spam generator?
    > --
    > PeteCresswell


    I use fudging eg mailto

    .u.....k (please remove all 5 dots between the u and k for valid
    email address)

    as active HTML and visible text.

    AFAIK anyone trying to email to that address as it stands will not even exit
    their
    email handler as 5 dots in a line is invalid structure, so no one left
    thinking that it is a dead
    email address after it bounces.
    They know from the outset.
    The fudge is on the correct side of the commercial at so
    no wasted checks with valid company designations on right of the @.
    I have used this structure for some years, loose a few people
    with very poor use of English I suppose is the only down side
    N Cook, Jun 17, 2005
    #8
  9. David Dorward

    Mitja Guest

    On Fri, 17 Jun 2005 11:35:59 +0200, Simon <> wrote:

    >> http://examples.tobyinkster.co.uk/email-hide

    >
    > I don't allow JavaScript so I would not be able to contact you.


    Sure you would. What you see is "you can mail me at user at example.com".

    > And _if_ the spambot were interested it would not take too long to break
    > your code. They get enough addresses without having to bother about
    > breaking your
    > script,

    That's the whole point :)
    Practicality beats purism...

    > but if they wanted to they could.

    Sure, we all know that. But they don't, they'll rather find another Pete
    out there who is yet to start receiving spam.
    Mitja, Jun 17, 2005
    #9
  10. David Dorward

    Toby Inkster Guest

    Simon wrote:
    > Toby wrote:
    >
    >> http://examples.tobyinkster.co.uk/email-hide

    >
    > I don't allow JavaScript so I would not be able to contact you.


    Clearly you *do* allow Javascript.

    I know this because if you actually *looked* at the site without
    Javascript, you would notice that you would still be able to contact
    me.

    > And _if_ the spambot were interested it would not take too long to break
    > your code.
    > The get enough addresses without having to bother about breaking your
    > script, but if they wanted to they could.


    Yeah probably, but why would anyone bother when there are a million other
    addresses out there to harvest with less effort?

    --
    Toby A Inkster BSc (Hons) ARCS
    Contact Me ~ http://tobyinkster.co.uk/contact
    Toby Inkster, Jun 17, 2005
    #10
  11. David Dorward

    AF Guest

    On Thu, 16 Jun 2005 18:17:35 -0700, "(PeteCresswell)" <>
    wrote:

    >I foolishly embedded a bunch of "MailTo" links in a high school class reunion
    >site.
    >
    >Now, of course, I'm getting spammed daily to the link's address.
    >
    >Are there any strategies for avoiding or mitigating this - short of the brute
    >force approach of constantly changing the address?
    >
    >Also, if changing the addr is the only option, is there a workaround for the
    >legitimate users who would use it in the future? i.e. some kind of
    >forwarding/bounce scheme where the user gets a note telling them what the
    >revised address is - but which wouldn't be read by a spam generator?


    I too had the same problems you do. Spam blockers give some
    protection, but not all.

    I tried cgi scripts and php. The problem is that I had to maintain
    the scripts and if I made a typo, I had problems.

    Finally I found Forms To Go at www.bebosoft.com. Think of it like a
    script generator for you. It is a shareware. You can try it for
    free, but they ask you pay them $18 if you use it regularly. The $18
    is worth it.

    Here is why. (be warned though I am not an html expert, so some of
    this may not be quite correct.)

    1. You can create a form on an html page using just about an means
    you want. I have tested Forms to Go with Frontpage, NEtobjects
    fusion, and some hand generated html. It worked with all of them.

    2. Save the web page to your local computer or a web site.

    3. Run Forms To Go and give it the name or location of the web page
    with the form.

    4. Forms to Go then allows you to fill in some settings, like where
    to email to, subject, format of email message.

    5. You can pick the output method: php, asp, perl, and it creates the
    script for you.

    6. Put the script's name in your form actions on the html page

    7 Load the script and page to your web site, and you are in business.

    No typos in your script, no errors.

    It took me longer to type this message then it normally takes for me
    to set up a form.

    I love it. By the way I have no connection to them, so this is
    entirely uncompensated.

    Good luck.

    5. Finally you have your choice
    Best regards,

    Al
    http://www.affordablefloridainsurance.com
    http://www.americanbestmortgages.com
    AF, Jun 17, 2005
    #11
  12. David Dorward

    AF Guest

    snip
    >
    >It took me longer to type this message then it normally takes for me
    >to set up a form.
    >
    >I love it. By the way I have no connection to them, so this is
    >entirely uncompensated.
    >
    >Good luck.
    >
    >5. Finally you have your choice
    >Best regards,

    snip

    Whoops, I should not have left in the part about

    "5. Finally you have your choice " above the signature line

    I am late to an appointment and missed that. So please ignore that
    line.

    Also when I typed "It took me longer to type this message then it
    normally takes for me to set up a form." I should have said "set up
    the mail feature on the form with Forms To Go."

    In my original post, it sounds like Forms To Go helps set up forms
    quickly, when in fact you have to have the form already set up.

    What I meant to say is that once the form and the html page is done,
    then to get it working with email, Forms to Go is quick.

    By the way I just realize I forgot one important thing:

    Fising you email problem essemntially means you have to have a contact
    form on your web page.

    You need at least

    1. A return email address field, if you are to contact a writer

    2. and a body field for the email message.

    So this means you have to use forms.

    The first time using a form is tedious, but once done it becomes a
    snap to set up.

    I have redone most of my web sites and the junk mail is going down
    significantly.

    Again good luck.
    Best regards,

    Al
    http://www.affordablefloridainsurance.com
    http://www.americanbestmortgages.com
    AF, Jun 17, 2005
    #12
  13. (PeteCresswell), Jun 18, 2005
    #13
  14. David Dorward

    N Cook Guest

    "N Cook" <> wrote in message
    news:d8u8bm$ce1$...
    > "(PeteCresswell)" <> wrote in message
    > news:...
    > > I foolishly embedded a bunch of "MailTo" links in a high school class

    > reunion
    > > site.
    > >
    > > Now, of course, I'm getting spammed daily to the link's address.
    > >
    > > Are there any strategies for avoiding or mitigating this - short of the

    > brute
    > > force approach of constantly changing the address?
    > >
    > > Also, if changing the addr is the only option, is there a workaround for

    > the
    > > legitimate users who would use it in the future? i.e. some kind of
    > > forwarding/bounce scheme where the user gets a note telling them what

    the
    > > revised address is - but which wouldn't be read by a spam generator?
    > > --
    > > PeteCresswell

    >
    > I use fudging eg mailto
    >
    > .u.....k (please remove all 5 dots between the u and k for valid
    > email address)
    >
    > as active HTML and visible text.
    >
    > AFAIK anyone trying to email to that address as it stands will not even

    exit
    > their
    > email handler as 5 dots in a line is invalid structure, so no one left
    > thinking that it is a dead
    > email address after it bounces.
    > They know from the outset.
    > The fudge is on the correct side of the commercial at so
    > no wasted checks with valid company designations on right of the @.
    > I have used this structure for some years, loose a few people
    > with very poor use of English I suppose is the only down side
    >
    >


    This thread has reminded me that ages ago I was going to add a small jpg of
    my email address as an aid but forgot to do so.
    N Cook, Jun 18, 2005
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. UJ
    Replies:
    0
    Views:
    376
  2. (Pete Cresswell)
    Replies:
    8
    Views:
    446
    (Pete Cresswell)
    Mar 20, 2005
  3. Piet
    Replies:
    0
    Views:
    503
  4. Replies:
    2
    Views:
    443
  5. Zach Moazeni

    [ANN] Harvested 0.3.0

    Zach Moazeni, Apr 11, 2010, in forum: Ruby
    Replies:
    0
    Views:
    79
    Zach Moazeni
    Apr 11, 2010
Loading...

Share This Page