Technical Notes

This page will detail some of the techniques I have used on my web pages and list any software I have used.

1. Preventing Email addresses from being 'harvested' by spammers

Mailto: protection:

Automatic Miners, Data Miners, Email Harvesters are programs that  look at web sites and extract email addresses which they then put into lists for their obscene purposes.

So the technique needs to disguise any email addresses in the html on the web site.

Whenever a web page is accessed it is downloaded from the web site to the users site along with any pictures etc. It is never actioned or altered on the web site.


1.      Into every page that I have an Email address I put the following code in the <head> section of the html:

    <script src="spamguard.js" type="text/javascript"></script>

2.      I create a file, using NotePad called "spamguard.js" and place it on my web site with the following instructions:

    // global variables to form MY addresses

var at1 = "@";

var dot = ".";

var id1 = "holiman";

var typ = "co";

var ty2 = "uk";

var url = "netmaters";

function FixMail (obj1) {  // fix a hyperlink mail addr

  obj1.href = "mailto:" + id1 + at1 + url + dot + typ + dot + ty2;

  return true;             // make it work...

}

You should Replace the values in " " with your values and then adjust the obj1.href line accordingly to build your correct email address.

3.      In my html code, where I would normally put my Email link:
     <a href="mailto:holiman@netmaters.co.uk">Click to Email me</a>

        I replace it with the following:

     <a onclick="FixMail(this);" href="mailto:thiswillbeconverted@any.com">Click to Email me</a>

The false address can be anything that looks correct.

When a user clicks on the link the script will build the correct address from:

id1 + at1 + url + dot + typ + dot + ty2 which in my case is: +holliman + @ +netmatters +. + co +. +uk

This conversion is done to the html code that is dowloaded to the users system, not on the web site. The web site retains the invalid address but after conversion, on the users machine, the correct address is used. Once a link has been clicked and converted it will then display the correct address BUT this is still on the users machine, not on the web site. Consequently when you first hover the cursor over the link it will show: mailto:thiswillbeconverted@any.com and after you click it, it will display the correct address of: mailto:holiman@netmaters.co.uk

If you have a spare email address and use that as the spoof address you will see just how much junk mail is collected in this way.

PayPal Protection:
I also use this technique for my Paypal on-line shop address which requires my email address to be used.

1.    If you use Paypal then  the following lines of code should be in the spamguard.js file:

// global variables to form MY addresses

var at1 = "@";

var dot = ".";

var id1 = "holiman";

var typ = "co";

var ty2 = "uk";

var url = "netmaters";

function FixBusi (obj1) {  // PayPal FORM business value

  if (obj1.business)       // see what is in this form

    obj1.business.value = id1  + at1 + url + dot + typ + dot + ty2;

  return true;             // make it work...

}

function FixMail (obj1) {  // fix a hyperlink mail addr

  obj1.href = "mailto:" + id1 + at1 + url + dot + typ + dot + ty2;

  return true;             // make it work...

}

2.    In the Page that has the Paypay calls :

       In the <head> section put the same: <script src="spamguard.js" type="text/javascript"></script>

3.    In the Paypal form(s), change the <form line from:
   <form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

 

       To:

 

<form onsubmit="this.target='paypal'; FixBusi(this);" action="https://www.paypal.com/cgi-bin/webscr" method="post">

       and where your Email address is quoted, change it from:

   <input type="hidden" name="business" value="holiman@netmaters.co.uk">

       To:

    <input type="hidden" name="business" value="junkman@aox.com">

       The value for the email name that you use should look like a real address but definitely should not be a real address!

       In all other respects the form will remian the same.

The FixBusi conversion will change the spoof value to your correct address before calling Paypal.

Do this to all your PayPal forms in both the Add to basket and the View Basket forms.

I have handled all of my email addresses in this way and additionally I have removed any other email addresses that you may have sent to me for my files. My Database list of makers is now in PDF format which also hides the addresses.

This will start to reduce the spam, but unfortunately, before spam started to grow I had splattered my email address to lots of other web sites that wanted to link to me. So if their sites are mined then my address will be found. I am in the process of trying to get them to remove the address from their web site and replace it with a line that says " To contact Andy, please go to his web site".


I hope this helps. If you have any comments, just let me know.