Reply by Michael A. Terrell●July 21, 20172017-07-21
Jon Elson wrote:
> Jim Thompson wrote:
>
>> The trollers are constantly picking up an E-mail address from my
>> website, forcing me to periodically change the address.
>>
>> How are these E-mail "forms" done on websites? No addresses are
>> shown, just fill in the blanks and press "send".
>>
>> I'm looking for something simple that I (a non-Eunuchs-experienced
>> person ;-) can install without much grief.
>>
>> Suggestions?
>>
>> ...Jim Thompson
> Go to the form where you send the email, and hit ctrl/u (this shows html
> source on many browsers), and see if your email addr is in the source. I'm
> guessing it is right there in plain text.
>
> Yup, mailto:webmaster@xxx, right there in the html!
>
> The only way to fix it is to have the user send the email text back to the
> web server for mailing, rather than sending it directly through the user's
> browser. That way, there would be no reason for the email addr to be in the
> html. This will require your html server to run a script language for php
> or something like that.
>
> I'm pretty sure my web store software does it that way, but don't ask me
> how. It has some 10,000 .php files! WAYYY too complicated for mortals to
> understand more than one TINY part of the code at a time.
I use ASSmaker to generate a Javascript to create the actual link when
you click on it. I add a little code to include a page reference from
the website, as well.
This is the JS from my website:
var at = "@";
var bcc = "";
var body = "";
var cc = "";
var email1 = "%20mike.terrell";
var email2 = "earthlink.net";
var email3 = "";
var site = "Michael A. Terrell";
var tag1 = "mail";
var tag2 = "to:";
var cpdt ="The contents of this site are Copyrighted � 2002 - 2017 -
Michael A. Terrell";
var email = email1 + at + email2 + email3
which also includes the copyright notice for all the pages.
Here is where it is added to a web page:
This is as sample line that goes in the web page:
<script language="JavaScript" src="email.js"></script><form><input
type="button" value="Home" onClick="window.location='index.html'"><input
type="button" value="E-mail" OnClick="email0()"></form><script
language=javascript><!--
function email0() {
var subject = site + " - " + "Coils";
var ass = tag1 + tag2 + email1 + at + email2 + email3 + "?cc=" + cc +
"&bcc=" + bcc + "&subject=" + escape(subject) + "&body=" + escape(body);
window.location = ass; } //--></script>
This is what you see for that page:
http://home.earthlink.net/~mike.terrell/Epcol.html You can iew the page
source to see how simple it is. There are some bad links and missing
files, thanks to Earthlink's great maintenance. The original files are
on an old hard drive I have stashed away, so it will take some time to
make repairs. Once they are, I will burn a CDROM of all the files for a
fast restore.
Editing that one file will change the Email address on all the web
pages, if needed or desired.
------------------------------------------------------------------
Here is a link to the program:
http://www.sintraweb.pt/Public_files/assmkr31.zip
--
Never piss off an Engineer!
They don't get mad.
They don't get even.
They go for over unity! ;-)
Reply by Jim Thompson●July 20, 20172017-07-20
On Thu, 20 Jul 2017 13:56:37 -0500, Jon Elson <jmelson@wustl.edu>
wrote:
>Jim Thompson wrote:
>
>> The trollers are constantly picking up an E-mail address from my
>> website, forcing me to periodically change the address.
>>
>> How are these E-mail "forms" done on websites? No addresses are
>> shown, just fill in the blanks and press "send".
>>
>> I'm looking for something simple that I (a non-Eunuchs-experienced
>> person ;-) can install without much grief.
>>
>> Suggestions?
>>
>> ...Jim Thompson
>Go to the form where you send the email, and hit ctrl/u (this shows html
>source on many browsers), and see if your email addr is in the source. I'm
>guessing it is right there in plain text.
>
>Yup, mailto:webmaster@xxx, right there in the html!
>
>The only way to fix it is to have the user send the email text back to the
>web server for mailing, rather than sending it directly through the user's
>browser. That way, there would be no reason for the email addr to be in the
>html. This will require your html server to run a script language for php
>or something like that.
>
>I'm pretty sure my web store software does it that way, but don't ask me
>how. It has some 10,000 .php files! WAYYY too complicated for mortals to
>understand more than one TINY part of the code at a time.
>
>Jon
Good idea! It's probably already available via my website provider,
but I didn't know to ask ;-)
...Jim Thompson
--
| James E.Thompson | mens |
| Analog Innovations | et |
| Analog/Mixed-Signal ASIC's and Discrete Systems | manus |
| STV, Queen Creek, AZ 85142 Skype: skypeanalog | |
| Voice:(480)460-2350 Fax: Available upon request | Brass Rat |
| E-mail Icon at http://www.analog-innovations.com | 1962 |
I'm looking for work... see my website.
Thinking outside the box...producing elegant & economic solutions.
Reply by Jon Elson●July 20, 20172017-07-20
Jim Thompson wrote:
> The trollers are constantly picking up an E-mail address from my
> website, forcing me to periodically change the address.
>
> How are these E-mail "forms" done on websites? No addresses are
> shown, just fill in the blanks and press "send".
>
> I'm looking for something simple that I (a non-Eunuchs-experienced
> person ;-) can install without much grief.
>
> Suggestions?
>
> ...Jim Thompson
Go to the form where you send the email, and hit ctrl/u (this shows html
source on many browsers), and see if your email addr is in the source. I'm
guessing it is right there in plain text.
Yup, mailto:webmaster@xxx, right there in the html!
The only way to fix it is to have the user send the email text back to the
web server for mailing, rather than sending it directly through the user's
browser. That way, there would be no reason for the email addr to be in the
html. This will require your html server to run a script language for php
or something like that.
I'm pretty sure my web store software does it that way, but don't ask me
how. It has some 10,000 .php files! WAYYY too complicated for mortals to
understand more than one TINY part of the code at a time.
Jon
Reply by Steve Wilson●July 20, 20172017-07-20
Martin Brown <'''newspam'''@nezumi.demon.co.uk> wrote:
> On 20/07/2017 08:50, Steve Wilson wrote:
>>
>> 4. Here is the result. Spambots cannot be bothered to decode it. Paste
>> it in your web page and sit back and relax.
>>
>> <a
>> href='mailto:news&#
>> 112;am@nezumi.de
>> ;&#
>> 109;on.co.uk'>new
>> 15;
>> pam@nezumi.d
>> 01; mon.co.uk</a>
>
> Thanks!
>
> Interesting take on it and on a web page it will render it OK. I will
> give it a try with a sacrificial moniker and see how well it performs.
>
> <a href='newspam@nezumi.demon.co.uk'>;
> </a>
You probably need to add "mailto:" in front of the email address. That is
the section at the beginning of the link:
<a href=mailto:
Note that it is missing in the second section.
Reply by Martin Brown●July 20, 20172017-07-20
On 20/07/2017 08:50, Steve Wilson wrote:
> Martin Brown <'''newspam'''@nezumi.demon.co.uk> wrote:
>
>> Failing that if you must expose an email address for simplicity
>> increment a tag number on the end of it periodically and only accept the
>> current one bouncing all else. This was the first fix used during the
>> Swenfest when people still exposed their true email address online.
>
>> My own odd looking Usenet address is legal and works provided that it is
>> not modified in any way. Spamming engines can't resist removing "spam"
>> from it and I don't see anything sent to '''new''' at all. It is a
>> special form of munging where the apparent modifications are essential
>> for the email to reach its destination. It might also do what you want.
>
>> It was even better when my ISP accepted the special character "|" in
>> email addresses. It has a special meaning of pipe in Unix and messed up
>> some of the simpler spammers scripts. Better ones substituted another
>> character to avoid crashing themselves (but never put it back).
>
> No need for fancy footwork. Just convert the characters to numeric. I have
> been using this technique for fifteen years and have never got a single
> spam from my web addresses. Here's how to do it:
>
> 1. get a new disposable address. http://www.e4ward.com/ is a good one.
>
> 2. Go to http://www.fingerlakesbmw.org/main/flobfuscate.php
>
> 3. Enter the desired email address. I use newspam@nezumi.demon.co.uk for an
> example.
>
> 4. Here is the result. Spambots cannot be bothered to decode it. Paste it
> in your web page and sit back and relax.
>
> <a href='mailto:news&#
> 112;am@nezumi.de&#
> 109;on.co.uk'>news
> pam@nezumi.de
> mon.co.uk</a>
Thanks!
Interesting take on it and on a web page it will render it OK. I will
give it a try with a sacrificial moniker and see how well it performs.
<a href='newspam@nezumi.demon.co.uk'>;
</a>
Is probable secure enough. Kill rule on "To:" begins with "&". One
slight snag with your suggestion is that many WYSIWYG web editors
convert the obfuscated numerical form into text on saving. So the
relevant page would need to be edited manually in a dumb editor.
Antispam measures at my ISP seem to work well enough these days.
--
Regards,
Martin Brown
Reply by Steve Wilson●July 20, 20172017-07-20
Martin Brown <'''newspam'''@nezumi.demon.co.uk> wrote:
> On 20/07/2017 00:05, Jim Thompson wrote:
>> The trollers are constantly picking up an E-mail address from my
>> website, forcing me to periodically change the address.
>>
>> How are these E-mail "forms" done on websites? No addresses are
>> shown, just fill in the blanks and press "send".
>>
>> I'm looking for something simple that I (a non-Eunuchs-experienced
>> person ;-) can install without much grief.
>>
>> Suggestions?
>
> Your hosting provider should provide some basic scripts and examples of
> how to use them on their platform. You need to find out what they
> provide. It might be as simple as drag and drop the right item onto a
> reply form page or click a button in the admin section somewhere.
> FormMail.pl is a script that more or less does what you want provided
> that you are allowed to use scripts on your hosting platform.
> It may already be provided in the default ISP provided scripts.
> Failing that if you must expose an email address for simplicity
> increment a tag number on the end of it periodically and only accept the
> current one bouncing all else. This was the first fix used during the
> Swenfest when people still exposed their true email address online.
> My own odd looking Usenet address is legal and works provided that it is
> not modified in any way. Spamming engines can't resist removing "spam"
> from it and I don't see anything sent to '''new''' at all. It is a
> special form of munging where the apparent modifications are essential
> for the email to reach its destination. It might also do what you want.
> It was even better when my ISP accepted the special character "|" in
> email addresses. It has a special meaning of pipe in Unix and messed up
> some of the simpler spammers scripts. Better ones substituted another
> character to avoid crashing themselves (but never put it back).
No need for fancy footwork. Just convert the characters to numeric. I have
been using this technique for fifteen years and have never got a single
spam from my web addresses. Here's how to do it:
1. get a new disposable address. http://www.e4ward.com/ is a good one.
2. Go to http://www.fingerlakesbmw.org/main/flobfuscate.php
3. Enter the desired email address. I use newspam@nezumi.demon.co.uk for an
example.
4. Here is the result. Spambots cannot be bothered to decode it. Paste it
in your web page and sit back and relax.
<a href='mailto:news&#
112;am@nezumi.de&#
109;on.co.uk'>news
pam@nezumi.de
mon.co.uk</a>
Reply by Martin Brown●July 20, 20172017-07-20
On 20/07/2017 00:05, Jim Thompson wrote:
> The trollers are constantly picking up an E-mail address from my
> website, forcing me to periodically change the address.
>
> How are these E-mail "forms" done on websites? No addresses are
> shown, just fill in the blanks and press "send".
>
> I'm looking for something simple that I (a non-Eunuchs-experienced
> person ;-) can install without much grief.
>
> Suggestions?
Your hosting provider should provide some basic scripts and examples of
how to use them on their platform. You need to find out what they
provide. It might be as simple as drag and drop the right item onto a
reply form page or click a button in the admin section somewhere.
FormMail.pl is a script that more or less does what you want provided
that you are allowed to use scripts on your hosting platform.
http://www.scriptarchive.com/formmail.html
It may already be provided in the default ISP provided scripts.
Failing that if you must expose an email address for simplicity
increment a tag number on the end of it periodically and only accept the
current one bouncing all else. This was the first fix used during the
Swenfest when people still exposed their true email address online.
My own odd looking Usenet address is legal and works provided that it is
not modified in any way. Spamming engines can't resist removing "spam"
from it and I don't see anything sent to '''new''' at all. It is a
special form of munging where the apparent modifications are essential
for the email to reach its destination. It might also do what you want.
It was even better when my ISP accepted the special character "|" in
email addresses. It has a special meaning of pipe in Unix and messed up
some of the simpler spammers scripts. Better ones substituted another
character to avoid crashing themselves (but never put it back).
--
Regards,
Martin Brown
Reply by Johann Klammer●July 20, 20172017-07-20
On 07/20/2017 01:05 AM, Jim Thompson wrote:
> The trollers are constantly picking up an E-mail address from my
> website, forcing me to periodically change the address.
>
> How are these E-mail "forms" done on websites? No addresses are
> shown, just fill in the blanks and press "send".
>
> I'm looking for something simple that I (a non-Eunuchs-experienced
> person ;-) can install without much grief.
>
> Suggestions?
>
> ...Jim Thompson
>
> The trollers are constantly picking up an E-mail address from my
> website, forcing me to periodically change the address.
>
> How are these E-mail "forms" done on websites? No addresses are
> shown, just fill in the blanks and press "send".
>
> I'm looking for something simple that I (a non-Eunuchs-experienced
> person ;-) can install without much grief.
>
> Suggestions?
>
> ...Jim Thompson
>
> The trollers are constantly picking up an E-mail address from my
> website, forcing me to periodically change the address.
>
> How are these E-mail "forms" done on websites? No addresses are
> shown, just fill in the blanks and press "send".
>
> I'm looking for something simple that I (a non-Eunuchs-experienced
> person ;-) can install without much grief.
>
> Suggestions?
>
> ...Jim Thompson
>
Jim, read up on MUNGING your email address. Using Escape characters or
other unexpected methods (which still display properly on HTML readers)
works for me and many other folks.
Looks like this in raw code:
mailto:service@flipp....
This looks like a good site with options to protect your email.
http://perso.crans.org/~raffo/email-munging.php
John