pf » Another Trick for Avoiding Email Harvesters

March 20, 2005

Another Trick for Avoiding Email Harvesters

Most people know that spammers have robots that surf the net looking for email addresses, such programs are called email harvesters. Many people try to use JavaScript to trick these harvesters, but another technique that you can use, is by creating a link that redirects to a mailto:you@address address. You can do this with services like shurl.org or tinyurl.com. Here's an example of such a link: http://shurl.org/email_pete

Note that just like the javascript solutions its still possible that the harvesters will get your address, if they try to follow the link, and can detect this technique. The best solution is to just create a form and send the email with your web application server. Not everyone has that luxury however.

Permalink | Add Comment |

add to del.icio.us | Tags: email, spam

Related Entries

Analyzing Words in Spam Emails - August 3, 2005
Spammers now using ASCII Art - April 21, 2005
ReturnPath aquires BondedSender - April 12, 2005

6 people found this page useful, what do you think?

Trackbacks

Trackback Address: 279/E4A698291F8CB5EF683A6522ED447D5E

Comments

On 03/20/2005 at 3:43:18 PM MST Erki Esken wrote:

What I've found working really well is escaping email address using URL-encoding and HTML-escaping.

So me@example.com would become this for use in href attribute (lets see if it shows correctly):

mailto:%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d

And HTML-escaped for using as link name:

me@example.com

So first is every email character URLescaped (you have to loop over characters and do FormatBaseN(Asc(char),16) in CF for example), and HTMLescaped with ampersand, hash, and character Asc() value.

Browsers display it properly, but my hope is harvesters won't understand it.

On 03/20/2005 at 4:09:28 PM MST Pedro wrote: