PDA

View Full Version : Email riddler blocked by IE info bar



robertsaunders
06-28-2005, 03:06 PM
I have been using the Email Riddler at http://www.dynamicdrive.com/emailriddler/ but since upgarding to Win XP I have noticed that it is blocked by the IE information bar. Of course it is easy to allow the block content, but I am concerned that some people will not want to allow the content and therefore will not be able to see the email address.

Is there another way that I can use MAILTO and ecrypt my email address without it being blocked. Obviously I can use an image for the email address, but that won't help me with the MAILTO part.

Twey
06-28-2005, 05:25 PM
I have no idea if this will work, but you might be able to do this server-side.


<?
$address = $_GET['address'];
$address = str_replace("ADDRESS", "", $address);
$address = str_replace("AT", "@", $address);
$address = str_replace("DOT", ".", $address);
header("Location: mailto:" . $address);
?>

This allows you to replace @ with AT, . with DOT, and insert ADDRESS anywhere you feel like it.
If you don't have a server-side language, you can use this one I set up.
http://www.crystalinity.net/echo.php?address=yoADDRESSuATyourDOTdomADDRESSain
Replacing the address with yours, of course.
Clever people (mwinter :p): will this work?

jscheuer1
06-28-2005, 05:48 PM
Try my beta version alternative:

http://home.comcast.net/~ansiguy/emailen1.htm

Twey
06-28-2005, 06:04 PM
Most bots can handle numerical obfuscation.
That's why I wondered if you could do something a little different. The bots search for links, so a redirect might not be picked up.

jscheuer1
06-28-2005, 06:33 PM
I've used my method on two email addresses and for about 2 years I've gotten almost no junk mail. One of the addresses is on a high traffic site. If you are already getting lots of junk email, it is not worth bothering as, the spammers sell/trade their lists to/with each other.

Twey
06-28-2005, 07:45 PM
I use that too, usually.
I get hundreds a day, and I have to have two spam filters. Ergo, I reason that this doesn't work.

ddadmin
06-28-2005, 08:39 PM
The information bar you're referring to should only pop up if you're viewing your webpage offline/ locally. Once the page is viewed online, I don't see how Email Riddler could still activate the bar, which is what's important...

jscheuer1
06-28-2005, 09:18 PM
Good point, dd, that pop-up should only occur locally unless the user's security is set to prompt before allowing active content on the web itself - an unusual setting. One main reason I created my encryptor was to have something that worked on non javascript enabled browsers*. Results, apparently vary widely, taking Twey's report into account. I have to wonder though. You see, once an email address gets into the spammer's stream, it's over. No amount of future encryption will remove it from their rolls. There are tons of ways they can get an email address. If it has ever been on the web in unencrypted form, it is probably in their rolls. If you've ever responded to one of those random messages often sent out to all possible variations of an address at some mail server, even if only to 'opt out', then the address was actually confirmed as active and added to the rolls. If you've ever signed the address up to receive content you actually were interested in, there is a good chance it found its way onto the spammer's lists. I could go on and on. The two email addresses I was referring to in my previous post have been closely guarded ever since their inception and although displayed on a popular site, 2 years - no problems.

*the encryptor itself requires javascript, its output works in non javascript enabled browsers.

mwinter
06-28-2005, 09:29 PM
<?
$address = $_GET['address'];
$address = str_replace("ADDRESS", "", $address);
$address = str_replace("AT", "@", $address);
$address = str_replace("DOT", ".", $address);
header("Location: mailto:" . $address);
?>Clever people [...]: will this work?Well did you try it? :p

I don't think there is any applicable standard that would stop this from working, but a user agent might be surprised to find a mailto: scheme coming back to it. The browsers I have to hand seem to do well with it, though.


Most bots can handle numerical obfuscation.There really isn't anything that can't be side stepped. Even server-side form processors aren't off limits as it's just a form submission. I suppose the issue is what is handled, rather than what could be. The answer to that isn't something that I know.

The surest defense is a good spam filter as someone could always do to you what someone did to me (don't know why :confused: ): post your e-mail address somewhere on the Web where it will be found. One of mine ended up on Russian warez site, so I get Eastern European spam in Cyrillic scripts. Lovely. :rolleyes:

Mike

Twey
06-29-2005, 06:47 PM
I know it works for the user, I was asking whether it would block the bots effectively.
Until the spammers catch up, of course.
Anything that supports mailto: links will support this, because... well, that's what happens when someone clicks one anyway.

mwinter
06-29-2005, 07:15 PM
I know it works for the user, I was asking whether it would block the bots effectively.'Will this work?' isn't obvious considering the obscurity of the method. I honestly wouldn't have been surprised to see it fail. You should have been more specific.

It depends how bots work. If they enter a site then spider through all of its links trying to find e-mail addresses in either plain text or in links, then probably not. They would follow the URL and get back a mailto: URL just like the browser.

But as I said, I don't know how they work, nor do I really care. Schemes that might obstruct bots successfully invariably have usability problems, so I don't think they're worth the effort.

Mike