Little bit of PHP help please...

[Neil]

Myself and TJ are bloody sick of getting viruses and spam through our email, in fact I barely load Eudora these days.  However I just thought of a way of putting our email addresses on the site which will stop spambots picking it up.  I want to hide the email addy in a file, and then produce a link to this html fileon the site which will dig the email address out of somewhere and return it to the person who has requested it.  So instead of just having our email address dispalyed, we would have a little link, the person clicks it, and is fed back the email address.  Trouble is I haven't used PHP for a while, can anyone think of a secure way to do this?!  Or will spambots still follow the link and find our email addy?!  I figure there must be some way to hide it from them.

[MojoJojo]

Hmmm, i guess having a little gif of the email address and forcing people to type it in by hand isn't user friendly enough?

Don't know much about the Php thing, sorry.

[Neil]

Nah, no good sadly, for the same reason that asking people to remove stuff from the email addy to make it valid is useless.  People can't be bothered, and we can't take the risk of being hard to contact in case someone has a drawer full of No Known Cure tapes!

EDIT:  Think I have this sussed, but I'm not sure how useful it will be, presumably some spambots will just follow all links.  Worth a go anyway.

[Morrisfan82]

Could you try having a little shockwave file that does a mailto: when you click on it?

[Neil]

Nice idea Muteki!  Hmm I think I have the PHP thing sussed, I'm just trying to work out how effective it will be.  I'm working on the assumption that spambots will be hunting for mailto: rather than links.

[Ambient Sheep]

I'm working on the assumption that spambots will be hunting for mailto: rather than links.

Sorry to piss on your parade, Neil, but I suspect that that's a faulty assumption.  I think that nowadays they search for *anything* that has an "@" or an "AT" in the middle of it.

Avoiding "mailto:" will probably get rid of some of the spam, but far from all.

I wish I could make some positive suggestion, but apart from the GIF route (which I realise that you don't want to go down) I don't have any.  Sorry.

[Neil]

Ah well, thanks anyway.  I reckon this will stop some of the stupider bots.

[glitch]

If you're trying to avoid spambots, have you tried adding lines to your root .htaccess file? You can stop people browsing by agent, and lots of spamcrawlers alter the agent info. There's quite a few tutorials on the Net for it.

[Neil]

Cheers, I'll have a look for those!  Bloody sick of not being able to load my email these days.

[weirdbeard]

Why not put a e-mail link which automatically puts in a pre-detemined subject title?  I'm not exactly sure how it works but it's something like mailto:example@example.com?subject=I have archive material , although that isn't giving a clickable link on here.  Set up a few different links, say one for questions, one for content, etc.  Then set up an e-mail filter to automatically delete everything which doesn't have one of these pre-determined titles in the subject header.  Of course, you run the risk of people changing the subject title manually, but if you set up a 'Contact Us' page and specifically instruct people not to change it, then you should be ok.

[Neil]

Yeah we actually do something like that already...when people click the links it inserts "CaB: " into the subject line, and I then filter on that.  I also use spambayes to filter spam, but I'd still like to reduce the amount of spam and viruses that we have to download.

[Jaffa The Cake]

So instead of just having our email address dispalyed, we would have a little link, the person clicks it, and is fed back the email address.

Spam bots will also follow this link and find the email address within.

I could create a filter in PHP which changes all email addresses from you@whereever.com to you(gif of @)whereever.com

An alternative is to provide a webform with a drop down list of the site's admins, and an additional text box. A user would select the admin's address they want, and enter some sort of word into the text box, which would be printed below. If the phrases match, the email address is returned.

[Rats]

Could you just have (my email)neil@whatever so the bots would pick up the (myemail) bit? Or (copy & paste)nelly@nolegs.com. That other bloke had a good idea, just make a little gif of your email address and put that up.

[Jaffa The Cake]

Some spam bots even scan images for text. However, if it's part text & part image, they normally miss it (as with my idea). Also, if someone has jellyfishrapist555585854@myfavouritepornmovieevarrrr.com and only the 'at' sign is an image, the user can copy and paste the long bits without having to type them out.

[glitch]

Don't know if it still works, but the old trick I've used for this was to get JavaScript:

document.write( 'e-mail suffix' + '@' + 'e-mail domain' );

[Morrisfan82]

The Shockwave suggestion would get around all this though no? Unless I'm misinformed, spambots can't/don't decompile Shockwave files to look through them for e-mail addresses, so you could have a little shockwave file with the address displayed on it (like the gif idea), BUT with the advantage that you can click on it to compose a new e-mail, rather than having people copy it down (which is what Neil wanted to avoid).

Unless you can do the PHP thang, this'd be the simplest way to fox the bots wouldn't it?

[MojoJojo]

Except shockwave is a bit of a bulky thing to have on everypage just for an email address. And have to rely on the bloke with the incredible rare footage has shockwave already installed. But yeah, I'd be very surprised if any spambots could get round that.

[Morrisfan82]

Bulky? A shockwave file with just a line of text and an OnClick command would barely scrape 1k wouldn't it?

And who doesn't have Shockwave viewability these days? Plus you could always make the file an early Shockwave version to ensure maximum compatability.

[r smelly]

you can do it by using ascii codes to display the address (or part of the address) on the screen.

you email address will then not be displayed in the code wheer the spammers look but will be displayed on the screen and will work as a mailto link.