tags:

views:

122

answers:

6
+4  Q: 

Obfuscating email in html

I'm currently developing a website, into which I've included a filter that attempts to obfuscate any e-mail addresses present in the webpages it serves.

As it is now, it converts the addresses into images.

I've also seen a few other methods in use; some split the address into characters and use generated javascript to include it in the final document, but that requires javascript, so it's not that useful in my opinion. The upside is it can be used to create a working mailto-link.

Another method, quite similar to the above, uses hex-notation to markup the e-mail address. I'm not really convinced it will thwart any serious harvesters though.

Others utilize the human brains' ability to understand language, and will either replace characters like the @-symbol with words, or separate the host and the username etc.

My question now is, how reliable is my method, of using generated images (whose filename do not give the address away) against scrapers, when I'm not using any distortion on the text in the images? Should I prefer a different method?

And as a continuation: if I wan't a fallback method, just in case the image creation should fail for some reason, which would be the smartest way to go?

+7  A: 

Here you'll find many ways of obfuscating emails, and their effectiveness.

Hope it helps!

Pablo Fernandez  2010-02-08 16:28:41
Oh, that's brilliant. Thanks!
nikc  2010-02-08 16:32:21
I love the simplicity of using right-to-left text, but the downside would be the frustration when copying the e-mail from the browser. But the second method seems a brilliant way to go.
nikc  2010-02-08 16:35:28
A: 

As long as you don't name the image something obvious, like emailadress.png, you should be pretty safe - I think.

Emil  2010-02-08 16:29:58
+2  A: 

My question now is, how reliable is my method, of using generated images (whose filename do not give the address away) against scrapers, when I'm not using any distortion on the text in the images?

I don't have any data to back that up, but I would say: Quite reliable. Harvesters can get millions of addresses using "conventional" means; I don't think it's economically feasible for them to do image processing just to get a handful more.

And as a continuation: if I wan't a fallback method, just in case the image creation should fail for some reason, which would be the smartest way to go?

Use a good spam filter. :-) No, seriously, it's really hard keeping a mail address hidden from harvesters.

Heinzi  2010-02-08 16:30:44
Agreed, you simple cannot have an e-mail account, and not have a spam-filter. But reducing their workload, too, is a worthy goal :-)
nikc  2010-02-08 16:42:29
A: 

I think it's all about providing some kind of 'are you human test' before you display the email or display the email in a way that is itself a test.

Thinking along the same lines maybe providing a link as the email address and running the tests before displaying the email might be a solution too.

Maxwell Troy Milton King  2010-02-08 16:31:06
Not really a viable option, when e-mail addresses should be visible to all visitors. E.g. a contact address in the footer.
nikc  2010-02-08 16:33:15
+1  A: 

one possibility is to continue using the image, but replace it with text and a mailto link if javascript is enabled.

cobbal  2010-02-08 16:32:51
A: 

As a user, an image-obfuscated email address is almost as useless as no email address. Whatever method you choose, I should ideally be given a mailto link, second best is some sort of your.name.69 AT longwebsitewhosnameicanteasilytranscribe.net style address.

kubi  2010-02-08 16:36:01
Yes, I agree that e-mail addresses replaced with images sucks, because you can't copy the text. But the world is shit, and we have to do everything in our power to reduce the shoveling required.
nikc  2010-02-08 16:38:42
Developers have to do everything in their power to reduce shoveling. Users should just sit back and enjoy their poop-free lawn. :-)
kubi  2010-02-08 18:43:52
Well put, sir :-)
nikc  2010-02-08 22:51:07

related questions

How do I programmatically return the max of two integers without...
How can I obfuscate JavaScript?
Database development organisation
What is the difference between Obfuscation, Hashing, and Encryption?
Making email addresses safe from bots on a webpage?
Java obfuscation - ProGuard/yGuard/other?
Code Obfuscation?
Obfuscating Silverlight XAP
What do you use to protect your .NET code from reverse engineering?
Obfuscation Puzzle: Can you figure out what this Perl function does?
Can you Distribute a Ruby on Rails Application without Source?
Best Java Obfuscation Application For Size Reduction
Cruise Control and Obfuscation, How?
How to protect Mac OS X software from cracking?
Should you obfuscate a commercial .Net application?
What's the best value for money c# code protection for a single developer
Is there a good obfuscater for Perl code?
Does the exe you get out of obfuscation programs vary in speed?
(Why) should I use obfuscation?
How do I make the manifest of a .net assembly private ?
Is obfuscator Javascript enough?
Do you obfuscate your commercial Java code?
Should I be worried about obfuscating my .NET code?
Flex / Air obfuscation
Best .NET obfuscation tools/strategy