Spam-proof Your Email Address
It's no secret that unsolicited commercial email — or what we all call spam — is a serious problem. The lost productivity involved in having to deal with the stuff is bad enough, but the sheer annoyance factor is probably what drives most people nuts. Those of you suffering from a deluge of spam may have to take more drastic measures, but if you are only seeing a trickle, or have just started receiving email under a new domain, there is an easy first line of defense...
A Little Background
Spammers get your address in much the same way that major search engines add your site to their index. Computers (robots) scan your pages following links to other pages and record what they see as they go along. In the case of search engines, they index the actual content. Later when someone searches for terms that are in your content the search engine will (hopefully) return your page as a match.
Spammers could really care less about what you have to say on your site. Their bots are only looking for the familiar string of an email address — you[at]yoursite.com. When they find it, it gets added to their database and the junk starts flowing.
Obviously, you want to put your email address — maybe even the addresses of everyone in your company — on your site. You probably also have a phone number and physical address, but it would be a shame to deny a potential customer the opportunity to contact you by whatever method they feel most comfortable. If they're anything like me, that method is email.
Encoding Your Email
Abstinence is certainly the best policy for keeping your email from being harvested. Encoding your address, however, is a simple way to get your email on your site, but keep it hidden from spammers. If you don't mind getting your hands dirty with a little HTML, try out one of these methods...
Encoding with HTML character entities All types of typographical characters can be represented in HTML by character entities. Spambots will typically ignore character entities because in the code they don't look like properly formatted email. When they are displayed in a web browser, however, they look and function just like an unencoded address. I use this method on this site. The info address on this site actually looks like this in the code:
info
@top
dead
cent
erde
sign
.com
No need to piece together your email address by tracking down all of the entities yourself. Let this handy form do all of the heavy lifting for you. Just copy and paste the string into the HTML for your site wherever you would like your address to show.
Encoding your address using Javascript JavaScript can also be used and is potentially more secure. We certainly don't expect you to pickup a JavaScript manual to encode one address. Thanks to the good folks at Automatic Labs you don't have to. Their Email Enkoderform allows you to create some snazzy JavaScript by answering a few questions.
The JavaScript method is by far more reliable, although I have noticed that some dynamically driven sites will choke on the code. If your pages end in .htm or .html you should be fine.
Extra Credit
Your site may not be the only place your email address is located. Occassionally well meaning sites will post your email without encoding it. I am a member of a professional design organization that did just that to my address — a problem that I am still attempting to remedy. Also, if you frequent message boards that require an email address to post, you may be exposed. My wife is a perfect example. Her solution was to use a second address that she won't mind closing should a spam problem become bad. Check with your hosting company or ISP to see if they can give you additional addresses for such purposes.
If you're curious to see if your email address is exposed somewhere out there, stroll over to Google and run a search for your address. You may be surprised where it shows up.
Phil Hertzler | 09.14.04 | 0 comment(s)
Reader Comments
No comments on this entry right now.
