Safety of Posting Team Emails on Website

Our team website doesn’t have much in the way of contact information besides a school name and a forum. I know there are spam-bots crawling the Internet for email addresses, so how safe is it to put mentors’ and student leaders’ emails on the website? We really want to be contactable (is that a word?) but don’t want to attract spam to our mentors and students.

I would recommend not doing it if you dont have any sort of email spam filter. If you do try and confuse it like test <at> test <dot> com or something similar. You can also write a quick php contact forum and generally I have found they dont crawl and get those.

Does your website server have email on it? If it does, i suggest creating an email alias, that points forwards the email to them. OR give them an email account. There are also some scripts out there, in java, that mask the email to the bots. I would try . I think I saw some on there.

Our server doesn’t have email accounts. But I do remember seeing an article about a piece of javascript that used variables to disguise the email address by putting it together in parts…

Try this e-mail riddler from Dynamic Drive. I haven’t personally used it, but it should do the job!

You could also just use CSS’s direction property and reverse the direction of the letters, such as your source code might look like this:

<span style="unicode-bidi:bidi-override;direction:rtl">moc.elpmaxe@elpmaxe</span>

Leaving a user to see this:

Since spam bots more or less parse the HTML source code for the page (as opposed to a human reading and seeing the page output), all the spam bots would see is moc.elpmaxe@elpmaxe, which would leave you free of spam. :wink:

This seems like it should do the trick. I’ll try it at work session tomorrow. Thanks!

You could make the email a image. A “spam-bot” would just see a picture and keep going but a person looking at the picture could read the info just like text. If you do it right you can make the picture just like the text and some one reading it would not even know that it was not text.

In cases like that for some sites I have used e-mail forms that rely on a server-side script to send the e-mail. The one larger downside to that is that the client never sees the e-mail address of the person they are contacting, which some people dont like (the apostrophe key on my firefox wont type, it opens the quick search, anyone know how to change that?)

We have a contact us form on our website and it asks, “Are you human?” and spambots still seem to be able to get past it.

Our system pulls the email address from the database, then removed the @ and replaces it with AT and replaces all ‘.’ with DOT. Kind of basic but slightly, deters spam…


Wow, I never thought about that. I’m going to integrate it into our system, but I’ll use it along with our basic obfusicating, too

Try randomizing the question and position of the field. Also, try creating a CAPTCHA image generator.

we use a contact form powered by another site that deals with the filtering for us… -> contact us, and the link is at the bottom

Use a “Contact us” form that they fill out on the website. This way the form mails the email, and the user will never know.

Or, for a less secure implementation, try this obfuscator:
It converts letters to their HTML hexadecimal equivalents.

The advantages of this method is that everything functions as normal: Users can still click the mailto: link and/or copy and paste the email address.

Disadvantages: hasn’t been thoroughly tested in the real world. Sloppy spambots will miss it, but I don’t know how sophisticated spambots usually are.