Tuesday, 22 April 2008

Encrypting mailto: links to avoid spam

Anyone who has placed a mailto: link on their website may or may not have noticed an increase in spam email. Gmail has an excellent spam filter so I never really have much of a problem.

There have been a few different ways suggested on how to put a "Spam Proof" email link on your website.

Linda Roeder suggests using javascript although the main argument I have against this is the same reason I keep my javascript to a bare minimum... What if javascript is turned off?

Another way that has been suggested is to make an image with just your email address but this involves any users to take a note and manually type in your address into an email.

You can also put a form on your site allowing people to send you feedback, but what if you actually want people to know your email address for future correspondence?

The best way I have found so far is by encrypting your email address. This works by substituting each letter in the address including the "at" and any dots into html character code.

This might sound like a lot of hard work but web designer Rob Spangler provides a quick and easy to use tool on his blog. Simply enter your email address and if you don't want your email address to display to users, what text you want to display in the link. This then transforms a plain text version of your address, easily trawlable from the web. Into a nicely encrypted mailto link such as the one below

graham.macleod@gmail.com (view the page source to see the encrypted version)

Keep in mind, it's always best to give users the choice of using a mailto link and also a feedback form since not everyone uses a mail client and for some people, clicking on a mailto link will cause
an unconfigured outlook express to open up.

How long it will take for the spammers to pick up on this method I don't know but at least our mailboxes will be safer for a while.

No comments: