What a (mail) horror.

[JackHiggins]

Since I recently (last few days) started getting a bit of spam on my website email addy, i've decided to start using protection.

If you decide you want to email me, you're directed to this page, where you see this image:


It wasn't that hard to do, just add a bit of fuzz to the text in photoshop. I'm sure any other paint program could do the same!

If any spam harvesting bot can read that, the world really has gone mad...!

Oh btw- this thread should really be discussed in purgatory...

[don]

Howdy Jack,

Since bots can't "read" images, why go to all the trouble of [at] and [dot] and adding distortion to the image? Just type it as it should look on a plain background.

Cheers,

-Don G.

[granthutchison]

Since bots can't "read" images, why go to all the trouble of [at] and [dot] and adding distortion to the image? Just type it as it should look on a plain background.

Bots can read images these days, Don - but they're not as good as the human brain at reconstructing "damaged" text, which I think is what Jack's up to. There was an article in a recent Scientific American on exactly this theme ...

Grant

[don]

Unbelievable

-Don G.

[Rassilon]

Found it to be an interesting tad of information...

http://www.sciam.com/article.cfm?articl ... =1&catID=2

[don]

Thank you for the link Rassilon. Interesting article.

[JackHiggins]

Bots can read images these days, Don - but they're not as good as the human brain at reconstructing "damaged" text, which I think is what Jack's up to.

Yeah that's it- this doubly stops spam, because of the fuzz, and also the [at] and [dot].

This is the same as what you get when you do WHOIS searches- so that the bots can't look up random sites & steal those email addys- you have to verify yourself before you can look at the site info.

Actually, I should move the letters up & down a bit too & change the font- to stop the bots finding any lasting pattern after all the fuzz...

[Harry]

I was about to recommend using javascript to insert your e-mail address in your webpage, as this is a way to keep mailto-links working at least for javascript-enabled browsers. But looking through my spam-folder, I found a couple of spams which were sent to an address of mine which was protected by this. So they must have started to interpret javascript.... I didn't expexct this. I don't know how advanced their javascript-capabilities are (they could even use a modified browser-engine), but javascript isn't a reliable protection.

[Rassilon]

I am currently working on a site for my work that requires database access so it has multiple header files in PHP displaying the information to log into a database including the email...Our company has been coding websites with this procedure for quite some time and now reading on bots I am thinking of a way to encode the information...The site has been bombarded with 300 emails within a period of 15 minutes and its escalating quick...Would it be possible to formulate a function in php that would include a encrypted header file, decrypting it for read only...never echoing into the document? Some of you heavy php coders might be able to answer this...or maybe I would have to write a java or perl program to accomplish this??

[Harry]

Would it be possible to formulate a function in php that would include a encrypted header file, decrypting it for read only...never echoing into the document? Some of you heavy php coders might be able to answer this...or maybe I would have to write a java or perl program to accomplish this??

Don't know much about PHP, but it's completely server-side, right? So it doesn't matter if it's a browser or spambot receiving the information. While not perfect encoding in javascript is still much better than nothing. Maybe it's even possible to render an image with the address in PHP, don't know.

[Rassilon]

In my travels on the net I came across this informitive site you could use to find out about your spammers and report them to thier ISP's

http://www.senderbase.org

It will also be helpful to log all traffic on your site as I am now doing to recognise spambots and send them away from your sites...I am trying to set up a trap so that if a spambot ignores robots.txt which disallows any bot from viewing a certain folder which has an index.php that will immediately ban the IP address it will ban the bot from the site...The other dilemma I am having is they will always scan the root html first then the folders...usually robots.txt if its a legitamite search bot or spider...

More to work on...

[maxim]

I am currently working on a site for my work that requires database access so it has multiple header files in PHP displaying the information to log into a database including the email......Would it be possible to formulate a function in php that would include a encrypted header file, decrypting it for read only...never echoing into the document? Some of you heavy php coders might be able to answer this...or maybe I would have to write a java or perl program to accomplish this??

PHP works indeed only serverside. Getting a request (for example by clicking on a link) your webserver retrieves the according PHP coded page. Then YOUR server processes the PHP code and generates a HTML-page from it (which could look totally different), THAT is then send to the browser (or bot). So, all the receiver can see is what you're seeing if you enable 'display source code' in your browser - nothing more - as long as your webserver wasn't hacked by a directly aimed attack.