Hiding an email address from spambots

emailer84 · 11 May 2019, 06:42 PM

I’m looking to display an email address on a website. In the past, I have used javascript, which has worked well in hiding the address from spam bots, but now, I wonder whether the advancements to spam-filtering features of email providers such as Fastmail mean that I can simply publish the address in plain text on the site, such as user@example.com, without resorting to scripts.

If not, what other javascript-free suggestions are recommended?

What about user(at)example(dot)com?

What about u s e r @ e x a m p l e . c o m?

BritTim · 12 May 2019, 03:30 AM

The best protection is to display the email address as an image. That will defeat the bots. However, it is inconvenient for your visitors as they will be unable to use copy and paste with the address.

xyzzy · 12 May 2019, 03:49 AM

If the javascript method is working why change it?

n5bb · 12 May 2019, 05:39 AM

I have placed in full view with no protection an alias address on my small personal website for over a decade. I get very little spam to that address. Nearly all the spam I receive is sent to the main email address I use with friends and family.

So my suggestion is that you use an alias address for your website which is never used for any other purpose. This provides several advantages:

By examining the To address of spam, you can see how many spam messages are the result of website address scraping.
You can use a rule (or alias delivery target) to automatically file message sent to the website address into a certain email folder.
You can disable that alias (or add additional filtering only for that one address) at any time if it gets slammed by spam.

Bill

emailer84 · 12 May 2019, 06:53 PM

Thanks for the replies.

I would rather not use Javascript on this site as I’m trying to keep it as lightweight as possible.
I think I’ll follow Bill’s advice.

TenFour · 12 May 2019, 08:38 PM

Or use a form. I have simple Blogger site I have run for many years and I never get any spam via the email reply form. Not as convenient for users, but people who really want to get in touch with you will send a message and then you can exchange email addresses.

janusz · 13 May 2019, 02:03 AM

Quote:

Originally Posted by n5bb

So my suggestion is that you use an alias address for your website which is never used for any other purpose.

[...]
You can disable that alias (or add additional filtering only for that one address) at any time if it gets slammed by spam.

A possible problem with this solution: if the alias address is used in two-way communications (a customer places an order, which is followed by an exchange of messages about e.g. detailed product specification, payment terms, delivery details) disabling the address cuts off genuine bona fide correspondents as well.

Unless you reply from a different, more permanent address, of course ....

BritTim · 13 May 2019, 02:06 AM

Quote:

Originally Posted by janusz

A possible problem with this solution: if the alias address is used in two-way communications (a customer places an order, which is followed by an exchange of messages about e.g. detailed product specification, payment terms, delivery details) disabling the address cuts off genuine bone fine correspondents as well.

Unless you reply from a different, more permanent address, of course ....

One possible way of dealing with the issue is to keep retired aliases where this could apply, but have a Rule that discards incoming messages to the alias if the sender is not in your address book.

janusz · 13 May 2019, 03:49 AM

Quote:

Originally Posted by BritTim

One possible way of dealing with the issue is to keep retired aliases where this could apply, but have a Rule that discards incoming messages to the alias if the sender is not in your address book.

This assumes that your email client (web, desktop. application, whatever) allows creation of such a non-trivial rule...

n5bb · 13 May 2019, 09:49 AM

My Fastmail spam filter is working better now than ever before, so I have no need for such special rules. For a long time I discarded messages with spam scores >10, then I disabled that rule a few months ago so I could see all messages marked as spam. I'm still getting a few spam in my Spam folder, but the number is small (a few per week). As I noted before, I have had an open email address on my personal website, and since it's a unique alias I know that the main spam I'm getting to that alias are supposedly companies wanting to help me improve that website (SEO optimization, etc.). I think that Fastmail must be blocking many more messages at the SMTP connection stage these days.

Bill

BritTim · 13 May 2019, 11:54 AM

Quote:

Originally Posted by janusz

This assumes that your email client (web, desktop. application, whatever) allows creation of such a non-trivial rule...

Since the Rule is a server side rule, I cannot see why any support would be needed in your mail client. That said, Bill may be right. If your spam filter is well trained, this may be unnecessary.

janusz · 13 May 2019, 05:00 PM

Quote:

Originally Posted by emailer84

I would rather not use Javascript on this site as I’m trying to keep it as lightweight as possible.

Does js really add so much weight?
And there always is very low-tech, and nor very user-friendly trick:
emailer84 AT example.com or even emailer84 AT example DOT com

somdcomputerguy · 14 May 2019, 03:32 AM

I have a script 'installed' on my website that I have used to obfuscate e-mail addresses on the websites I have created for others.

http://somdcomputerguy.com/spam-me-not/

Note: j/s is required to run the script that encodes an email address, but j/s is not required on wherever the encoded link is to be displayed. For the ultra-paranoid, also note that the script itself can be d/l'ed and 'installed' and run from wherever you want, the script doesn't need to be run from my site.

- Bruce

Terry · 14 May 2019, 08:04 AM

That's really good

11 May 2019, 06:42 PM	#1
emailer84 Member Join Date: Aug 2008 Posts: 61	Hiding an email address from spambots I’m looking to display an email address on a website. In the past, I have used javascript, which has worked well in hiding the address from spam bots, but now, I wonder whether the advancements to spam-filtering features of email providers such as Fastmail mean that I can simply publish the address in plain text on the site, such as user@example.com, without resorting to scripts. If not, what other javascript-free suggestions are recommended? What about user(at)example(dot)com? What about u s e r @ e x a m p l e . c o m?

12 May 2019, 05:39 AM	#4
n5bb Intergalactic Postmaster Join Date: May 2004 Location: Irving, Texas Posts: 8,926	I have placed in full view with no protection an alias address on my small personal website for over a decade. I get very little spam to that address. Nearly all the spam I receive is sent to the main email address I use with friends and family. So my suggestion is that you use an alias address for your website which is never used for any other purpose. This provides several advantages: By examining the To address of spam, you can see how many spam messages are the result of website address scraping. You can use a rule (or alias delivery target) to automatically file message sent to the website address into a certain email folder. You can disable that alias (or add additional filtering only for that one address) at any time if it gets slammed by spam. Bill

12 May 2019, 03:30 AM	#2
BritTim The "e" in e-mail Join Date: May 2003 Location: mostly in Thailand Posts: 3,090	The best protection is to display the email address as an image. That will defeat the bots. However, it is inconvenient for your visitors as they will be unable to use copy and paste with the address.

12 May 2019, 03:49 AM	#3
xyzzy Essential Contributor Join Date: May 2018 Posts: 474	If the javascript method is working why change it?

12 May 2019, 06:53 PM	#5
emailer84 Member Join Date: Aug 2008 Posts: 61	Thanks for the replies. I would rather not use Javascript on this site as I’m trying to keep it as lightweight as possible. I think I’ll follow Bill’s advice.

12 May 2019, 08:38 PM	#6
TenFour Master of the @ Join Date: Feb 2017 Location: USA Posts: 1,722	Or use a form. I have simple Blogger site I have run for many years and I never get any spam via the email reply form. Not as convenient for users, but people who really want to get in touch with you will send a message and then you can exchange email addresses.

13 May 2019, 09:49 AM	#10
n5bb Intergalactic Postmaster Join Date: May 2004 Location: Irving, Texas Posts: 8,926	My Fastmail spam filter is working better now than ever before, so I have no need for such special rules. For a long time I discarded messages with spam scores >10, then I disabled that rule a few months ago so I could see all messages marked as spam. I'm still getting a few spam in my Spam folder, but the number is small (a few per week). As I noted before, I have had an open email address on my personal website, and since it's a unique alias I know that the main spam I'm getting to that alias are supposedly companies wanting to help me improve that website (SEO optimization, etc.). I think that Fastmail must be blocking many more messages at the SMTP connection stage these days. Bill

14 May 2019, 03:32 AM	#13
somdcomputerguy Cornerstone of the Community Join Date: Jun 2004 Location: Rupert, WV Posts: 879	I have a script 'installed' on my website that I have used to obfuscate e-mail addresses on the websites I have created for others. http://somdcomputerguy.com/spam-me-not/ Note: j/s is required to run the script that encodes an email address, but j/s is not required on wherever the encoded link is to be displayed. For the ultra-paranoid, also note that the script itself can be d/l'ed and 'installed' and run from wherever you want, the script doesn't need to be run from my site. - Bruce

14 May 2019, 08:04 AM	#14
Terry The "e" in e-mail Join Date: Jul 2002 Location: VK4 Posts: 3,012	That's really good