in reply to •Re: Hiding mail addresses in mailto: with JavaScript
in thread Hiding mail addresses in mailto: with JavaScript

I wouldn't be so convinced that spammers are inevitably incompetent. Just look at how some of them have been studying tools like SpamAssassin and figuring out how to get around the filter. Given that various popular email list to web gateways read the same research that you did and are using HTML encoding to hide addresses, it is only a question of time before that becomes tempting enough for spammers to add a couple of new regular expressions to their web scrapers and catch either @ or @ in email addresses.

Your fred&barney trick is likely safe for a long, long time. There aren't enough people with & in their email addresses to be worth behaviour modification from spammers. The same won't remain true of HTML encoding @.

•Re: Re: •Re: Hiding mail addresses in mailto: with JavaScript
by merlyn (Sage) on Oct 25, 2003 at 14:22 UTC
    I didn't say anything about spammers' incompetence. I'm talking about the ratio of low-hanging fruit to hidden fruit. As long as there are 10,000 times as many "foo@bar.com" in web pages as there are encoded addresses, spammers have no motivation to change.

    The fact that smart spammers are working around SpamAssassin is actually a testimony to the market penetration of such tools, especially by large mail targets like AOL and Hotmail and Earthlink. So, we're probably seeing them worry about 10% of their addresses being undeliverable, not 1/10000 of their addresses not even appearing in the first place. (I could even make the argument that an address that is hard to scrape is also likely to be trapped in other ways as well, so there's really no point in sending to it.)

    Thus, I will continue to recommend at the moment only some html-entity protection, until someone shows me otherwise, in a case of an actual spamscrape.

    -- Randal L. Schwartz, Perl hacker
    Be sure to read my standard disclaimer if this is a reply.
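
The trade-off argued in this thread, as an added example that is not part of either post: a page audit that reports which addresses appear in plain text and which are protected only by numeric HTML entities, meaning they are invisible to a plain pattern match but recoverable after one decoding step. The function names, the address pattern and the sample markup are all constructed for illustration.

```javascript
// Added example; every name and the sample markup are constructed for illustration.

// Encode each character of an address as a decimal HTML entity.
function entityEncode(addr) {
  return Array.from(addr, ch => `&#${ch.codePointAt(0)};`).join('');
}

// Decode decimal and hex numeric entities in a single pass, as a browser
// would before showing the page. Out-of-range values are left untouched.
function decodeNumericEntities(html) {
  return html.replace(/&#(?:x([0-9a-f]+)|([0-9]+));/gi, (whole, hex, dec) => {
    const cp = hex !== undefined ? parseInt(hex, 16) : parseInt(dec, 10);
    return cp <= 0x10ffff ? String.fromCodePoint(cp) : whole;
  });
}

// Deliberately simple address pattern, good enough for an audit.
const ADDRESS = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;

// Split the addresses on a page into those readable in the raw markup and
// those that only become readable once numeric entities are decoded.
function auditPage(html) {
  const plain = new Set(html.match(ADDRESS) || []);
  const decoded = new Set(decodeNumericEntities(html).match(ADDRESS) || []);
  return {
    plaintext: [...plain].sort(),
    entityOnly: [...decoded].filter(a => !plain.has(a)).sort(),
  };
}

// Constructed sample page: one plain address, one fully encoded mailto,
// and two addresses with only the "@" encoded (decimal and hex).
const samplePage = [
  '<a href="mailto:alice@example.com">alice@example.com</a>',
  `<a href="mailto:${entityEncode('bob@example.org')}">mail Bob</a>`,
  '<p>carol&#64;example.net or dave&#x40;example.net</p>',
].join('\n');

console.log(auditPage(samplePage));
```

Addresses in `entityOnly` are the ones whose protection depends entirely on nobody running the decoding step.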