Securing an E-mail Address on a Web Page
The typical way to place a link to an E-mail address on a web page
is with a mailto command. The example here shows an E-mail to Zelda, who is
zjones@xgh.com.
On a web page, one sees:
E-mail Zelda
The web page code for that is
E-mail <A Href=mailto:zjones@xgh.com>Zelda</A>
This is the method seen in textbooks. It is also totally insecure.
Spammers search web pages looking for a mailto: so they can tell folks
about seemingly naive wealthy Nigerians, et al.
Thus, one needs a secure equivalent, so that the Spammers will not
learn your E-mail address from your web page.
A good way to begin is with a simple encoding that is mostly intuitive
but still useful. While one could easily write s/w to decode this
approach, it is not used often enough to motivate spammers to decode
it.
There are of course 256 byte values. On a web page they can be
expressed as "&#X;" where X ranges from 0 to 255. An
example is that "a" = "a". View a list of conversions.
Returning to Zelda, zjones@xgh.com converts to:
zjones@
xg
h.com
Thus, an encoded mailto becomes _one_ long line containing
the conversion above within a normal mailto command:
E-mail <A Href=mailto:zjone
s@xgh.com>Zelda</A>
The mailto above operates the same way as the mailto near the top of
this page. Thus, a page visitor will not notice a difference. The only
difference is that a spammer is not likely to absorb the encoded mailto
into a spam address list.
This approach is straightforward, replacing each character of an E-mail
address with its byte value.
Here are two examples of this approach. Use "View Source" and scroll
to the end of each web file.
Example #1
Example #2
Next, a method using encryption will be introduced. This is dramatically
more effective that the substitution covered above. One visits a web
site, provides an E-mail address, etc, then does a copy-paste.
One web site offering a free encrypted mailto equivalent is hivelogic.com.
It has the "Enkoder".
The Mailto equivalent from hivelogic is quite large, about 19
lines high and 77 columns wide. View the end of this page as an
example via "View Source." The result is a safe but clumsy mailto.
If one has several E-mails to show on a web page, creating a separate
"contact" page with just E-mail addresses would yield easier to maintain HTML.
Finally, another highly effective approach is with cgi. Skills required
involve perl, cgi, Unix/Linux and C programming. While that sounds
daunting, only moderate skills in each realm are needed. Be aware that
this approach doesn't work on all web site accounts.
Send comments or suggestions to
Return to previously
viewed page