-----Original Message----- From: Wayne Johnson [mailto:[EMAIL PROTECTED] Sent: Thursday, 22 December 2005 9:52 AM To: [EMAIL PROTECTED]; The Hardware List Subject: RE: [H] Web authoring question - protecting email addresses
>Are you telling me that the spam bots aren't smart enough to detect >the supposedly hidden email address in the form but they are smart >enough to decode hex? If that's the case then the bots are reading >the rendered html & not the real source so if one uses an image to >click on to start a mailto: then a bot can't read that either ? So >bots can not read the source html. Hmmm, I thought bots were smarter > than that. Of course it depends on the bot. ;-) There is no 'hidden' email address in the form (as such). It's encoded by server-side scripting, so the answer is no, the spambots have nothing to harvest. Using an image is counterproductive because the user has to type the address in by hand. At 04:23 PM 12/21/2005, Neil Atwood typed: >I rarely disagree with your take on matters technical Wayne, but I do here. > Well have a Merry Christmas anyway. ;-) I will thanks! ;-) >I have built and I currently maintain several dozen websites. Most >of them pretty simple jobs using a CMS to reduce the amount of hand >coding required. In every case I use NO email links at all. They all >use forms for the primary means of contact. In the 10 or so contacts >a day I get from those sites, I have had no complaints about using a >form, and - this is the important bit - NO spam on the addresses >those forms send to. Many of these sites have been up for 2-3 years. > >I've used all the hex and JS tricks to 'hide' email addresses. Some >work better than others, but all of them ultimately fail and those >addresses will attract spam sooner or later. The spambots are >getting very sophisticated these days and these simple tricks are >not fooling them. >Then why do forms work? It's because of calling an external cgi or >perl script but the simplest forms don't use these & this is the same >technology that can be used to hide email addresses in html. It's not >that forms are more secure but that calling scripts is more secure >from bots. I wager that as much spam comes from not paying to have >ones domain hidden in whois. I don't claim to understand all the technicalities involved, but the CMS I use on almost all my sites these days is written in PHP, and I understand there is a routine that encrypts the address very effectively. Well, I know it's effective, because I get no spam on those accounts! And yes, I have a copy sent to the person sending too... >You may not ever learn to love it, but learn to put up with the >form, for the moment it's here to stay... ;-) I'm afraid you're correct but I'll keep resisting anyway & maybe it's because of the school of hard knocks that I do. ;-) ____________________________________ Neil Atwood - Sydney, Australia http://westserve.org - Blog, Christianity, Coffee and Tech Stuff.
