[Apfhex]

First of all: do you believe it is necessary to take measures to prevent bots from grabbing your email address from a web page?

Mine certainly isn't widely popular, but I got to thinking, maybe I should?

What are the methods that you would use to prevent such a thing?

I was thinking... would something as simple as replacing the @ with its unicode equivalent do the trick? I put in & # 0 0 4 0 ; (without the spaces of course) which seems to give me a left parenthesis. According to a web document and Apple's Character Pallet this should be @. FYI, I have other unicode characters on the page such as en dashes and typographer's quotes, which display fine. Document is XHTML 1.0 Strict with iso-8859-1 encoding.

Well, I'm probably wrong and this is probably just silly (though I would like to know what I have to do to get an @ in there).

[Sage]

Spam-creator-people are well aware of encoding – don't waste your time with it.

Is this for a "Contact Me" page? I have several suggestions for that:

• Use a fake email address that only a person would know what to do with: [email protected] or [email protected] or sageolson [***at**] example . com

• If you don't need to do it on one line, you can describe your email address. For example: "Okay, to assemble my email address, you take my name (sageolson), combine it with that symbol (shift+3), then add example.com to the end."

• I know of a method that can be used to allow Javascript users to circumvent the above message. I've promised the creator of this method not to mention it in public though (to keep spammers from ever learning about it), so you'll have to PM me about it.

[edit]: I was going to also mention that you could use a web form to have people email you, but I'm not sure if the spammers have caught on to that method yet (since they can already easily spam blogs through web forms).

[Apfhex]

Ok. Perhaps I'll mangle it into something human-only-readable (trying to keep it relatively simple though).

[Oisín]

Probably not a good idea to describe @ as “shift+3”, since that yields # for me, and God knows what for users from various other countries...

[Randman]

Originally Posted by Apfhex

First of all: do you believe it is necessary to take measures to prevent bots from grabbing your email address from a web page?

Mine certainly isn't widely popular, but I got to thinking, maybe I should?

What are the methods that you would use to prevent such a thing?

Never post your true email. I have an email address for web forums and whatnot, [email protected].

[parallax]

Just for the record, @ is 0x0040 in hex; however, HTML escaping uses decimal (stupid of them since everyone else that deals with characters deals with them in hex). Therefore what you typed in was 0x0028 in hex which is indeed a left paren. 0x0040 is 64 in decimal, so #0064; should work.

Also ISO 8859-1 is Latin-1 encoding (I believe unicode is Latin-1 compatible though). Check out ISO-10646.

But like the above posters I wouldn't recommend doing this if you're looking to stop spam. :-)

I wouldn't recommend using JavaScript to mangle your email address either. This is overkill, and probably isn't much good for users like me that turn JavaScript off.

A much simpler solution would be to make your email an image, and make the title of the image something human parsable. For instance,

<img src="myemail.png" title="name AT domain DOT tld">

Personally, I feel that it's only a matter of time until any address gets spammed just as much as everyone else, so I concentrate on setting up appropriate spam filters rather than trying to make my address secret.

[skalie]

Originally Posted by parallax

I wouldn't recommend using JavaScript to mangle your email address either. This is overkill, and probably isn't much good for users like me that turn JavaScript off.

How many people do that btw? I just finished a website that uses javascript to detect the browser (for style sheet positioning) and resolution.

And it, er, doesn't work at all with javascript turned off in the browser.

[madmacgames]

Originally Posted by skalie

How many people do that btw?

Not very many... Your normal web user won't even know what javascript is.

Usually just those people with what I call the "anti-javascript complex" turn it off

While I still think you should make your website work for both type of users, the number of anti-js users are in the vast minority.

[skalie]

So what resolution should I assume the "anti-javascript complex" types would be using? Or should I just deliver them the 800 x 600 version out of spite?

[parallax]

Serve us the mobile or text-only version. ;-)

[Sage]

Originally Posted by Oisín

Probably not a good idea to describe @ as “shift+3”, since that yields # for me, and God knows what for users from various other countries...

Oops, yeah, shift+2.

And Apfhex, you sure you don't want method #3? By "simpler", I'm not sure if you mean simpler for yourself or simpler for the end user, but that method makes it much simpler for end-users with Javascript to access your email address (while still making it available to non-JS users and impossible for harvesters to recognize).

[Oisín]

Originally Posted by Sage

Oops, yeah, shift+2.

Yeah, that's " for me...

@ is Alt + ' (which is in the 'corner' between Shift and Return) for me