protecting email addresses on a web site
in [General]
|
From: Ashley Sheridan on 15 Jun 2010 04:08 On Tue, 2010-06-15 at 13:28 +0530, cheran krishnamoorthy wrote: > You can always convert an email address as image.no one can read but humans. > i think this is a simple solution. > > Regards > Cherankrish > > On Tue, Jun 15, 2010 at 2:50 AM, Paul M Foster <paulf(a)quillandmouse.com>wrote: > > > On Mon, Jun 14, 2010 at 01:06:29PM +0100, Ashley Sheridan wrote: > > > > > On Mon, 2010-06-14 at 08:02 -0400, David Mehler wrote: > > > > > > > Hello, > > > > I've got a site that is needing to have two email addresses on it, one > > > > for general contact and information and the other for webmaster for > > > > site problems. I do not want these addresses to become harvested by > > > > spammers yet i want to make it possible for people to email if needed. > > > > I can not use javascript for this solution. > > > > Suggestions appreciated. > > > > Thanks. > > > > Dave. > > > > > > > > > > > > > If Javascript isn't a solution (which I can understand for accessibility > > > reasons) then the only method I've seen that seems to work is to have > > > the email as an image in the same font style as it would be on the page > > > if it were just text. Facebook uses this to display contact email > > > addresses for people, and I've seen it used elsewhere also. The only > > > other method I've seen is to add in extra characters with a small note > > > to humans to remove them, but I find this quite a messy solution. > > > > > > Unfortunately, you can't get away with just a contact form these days if > > > you're a business, as it's a legal requirement in some countries to have > > > a contact details available, and not just a contact form. > > > > Do you have specifics? I've never heard of such a requirement. > > > > Notwithstanding Ash's assertion, I would suggest a contact form. The > > email address is effectively hidden, and you can apply CAPTCHA to the > > form to cut down on bot spam. It also introduces some discipline on the > > user, and potentially allows you to categorize inquiries (making it > > easier to pass them on to the proper person). You can also have a pick > > list on the form which details which person you'd like the form to be > > sent to. > > > > In general, on contact forms or "about us" pages, I include some > > physical address and possibly a phone number. This might satisfy Ash's > > requirement for "contact details". > > > > Paul > > > > -- > > Paul M. Foster > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > I'd already mentioned this, and it was deemed not very accessible (what if someone is blind, for example?) Thanks, Ash http://www.ashleysheridan.co.uk
From: Ian on 15 Jun 2010 04:46 On 14/06/2010 22:51, Ashley Sheridan wrote: <snip> > It's not my requirement, it's been a legal requirement in the UK for 3 > years now. > > http://www.calmdesign.co.uk/articles/Website_legal_requirements/?id=16 > > Thanks, > Ash > http://www.ashleysheridan.co.uk Hi, Further to this the actual regulation is here: http://www.opsi.gov.uk/si/si2002/20022013.htm The relevant line from this: 6(c) the details of the service provider, including his electronic mail address, which make it possible to contact him rapidly and communicate with him in a direct and effective manner; It must be stressed that these laws were written before spam became 90%+ of all email communication (2002). So I suspect it could be argued that a contact form can be allowed to bypass your normal email spam checking and is therefore a quicker way to communicate effectively. IANAL ;) Regards Ian --
From: Ashley Sheridan on 15 Jun 2010 04:53 On Tue, 2010-06-15 at 09:46 +0100, Ian wrote: > On 14/06/2010 22:51, Ashley Sheridan wrote: > > <snip> > > > It's not my requirement, it's been a legal requirement in the UK for 3 > > years now. > > > > http://www.calmdesign.co.uk/articles/Website_legal_requirements/?id=16 > > > > Thanks, > > Ash > > http://www.ashleysheridan.co.uk > > Hi, > > Further to this the actual regulation is here: > > http://www.opsi.gov.uk/si/si2002/20022013.htm > > The relevant line from this: > > 6(c) the details of the service provider, including his electronic mail > address, which make it possible to contact him rapidly and communicate > with him in a direct and effective manner; > > > > It must be stressed that these laws were written before spam became 90%+ > of all email communication (2002). So I suspect it could be argued that > a contact form can be allowed to bypass your normal email spam checking > and is therefore a quicker way to communicate effectively. > > IANAL ;) > > Regards > > Ian > -- > The link you gave is indeed 8 years old, whereas the one I gave is a lot more current (3 years) and well after what you call the period of spam (which really started kicking off big-time before 2002 anyway) Either way, I don't think you can 'argue' with a law if you're a business. A personal website is not under such restrictions, but there are lots a business has to go through, and a business potentially faces more repercussions from breaking laws, however daft or imposing they may be. You could, I guess, claim ignorance, but that doesn't offer much protection on a law that's 3 years old... Thanks, Ash http://www.ashleysheridan.co.uk
From: "HallMarc Websites" on 15 Jun 2010 13:02 -----Original Message----- From: Ashley Sheridan [mailto:ash(a)ashleysheridan.co.uk] Sent: Monday, June 14, 2010 10:52 AM To: Dotan Cohen Cc: HallMarc Websites; David Mehler; php-general Subject: Re: [PHP] protecting email addresses on a web site On Mon, 2010-06-14 at 17:50 +0300, Dotan Cohen wrote: > On 14 June 2010 15:36, HallMarc Websites <sales(a)hallmarcwebsites.com> wrote: > > Another is a CSS solution where you type the email address backwards and > > then use the CSS style declaration: > > style="direction: rtl; unicode-bidi: bidi-override;" > > > > How does that work with screen readers? How about copy-paste? > I don't think there's an accessible way of doing this. Anything that allows a screen reader to speak the email address would also be susceptible to spammers email scrapers. Thanks, Ash http://www.ashleysheridan.co.uk Copy-n-paste just gives you the email address backwards; screen readers, because we are using logical ordering and it is stored in memory the way we expect to read it, will read it correctly. I was not aware that email harvesters used screen readers. Do you have some documentation I could read to get up to speed on this? Marc Hall HallMarc Websites So many spammers, so few bullets... __________ Information from ESET Smart Security, version of virus signature database 5199 (20100615) __________ The message was checked by ESET Smart Security. http://www.eset.com
From: Ashley Sheridan on 15 Jun 2010 13:15
On Tue, 2010-06-15 at 13:02 -0400, HallMarc Websites wrote: > > -----Original Message----- > From: Ashley Sheridan [mailto:ash(a)ashleysheridan.co.uk] > Sent: Monday, June 14, 2010 10:52 AM > To: Dotan Cohen > Cc: HallMarc Websites; David Mehler; php-general > Subject: Re: [PHP] protecting email addresses on a web site > > On Mon, 2010-06-14 at 17:50 +0300, Dotan Cohen wrote: > > > On 14 June 2010 15:36, HallMarc Websites <sales(a)hallmarcwebsites.com> > wrote: > > > Another is a CSS solution where you type the email address backwards and > > > then use the CSS style declaration: > > > style="direction: rtl; unicode-bidi: bidi-override;" > > > > > > > How does that work with screen readers? How about copy-paste? > > > > > I don't think there's an accessible way of doing this. Anything that > allows a screen reader to speak the email address would also be > susceptible to spammers email scrapers. > > Thanks, > Ash > http://www.ashleysheridan.co.uk > > > > Copy-n-paste just gives you the email address backwards; screen readers, > because we are using logical ordering and it is stored in memory the way we > expect to read it, will read it correctly. > > I was not aware that email harvesters used screen readers. Do you have some > documentation I could read to get up to speed on this? > > Marc Hall > HallMarc Websites > So many spammers, so few bullets... > > > __________ Information from ESET Smart Security, version of virus signature > database 5199 (20100615) __________ > > The message was checked by ESET Smart Security. > > http://www.eset.com > > I didn't say the harvesters used screen readers. I'm saying that if something is in plain text that a screen reader can understand, what's to stop an email address harvester? It's not worth their time to analyse every image (think about where Google is with image searching right now, and they have a lot more resources at their disposal) but it is easy enough to read text in a web page. At a push, it's possible to believe that some might be using rendered CSS to see how an email is rendered. Thing is, it's nigh on impossible to hide an email address. Use it once on a mailing list like this and it's there for the whole world to see on archive listings. I even though that my email wouldn't be found in a .pdf CV I'd made, but thanks to Google it is now! Basically, it might not be worth the effort to hide email addresses, and instead see about setting up spam filtering at the server level. You don't have to download and filter it your end, and it saves on bandwidth. Thanks, Ash http://www.ashleysheridan.co.uk |