[CUBE] Offering email addresses to spammers as a policy

Mon Apr 21 17:52:19 PDT 2003

On 4/21/03 8:04 PM, gnarlodious at cybermesa.com added a note to the human
symphony, when this was said:

> Entity Laurie A Duncan spoke thus:
> 
>> No
>> one else has reported their address being harvested for spam, so I'd suggest
>> the spam at apple.com you are seeing is coming from elsewhere - including your
>> own website, which has your email address all over it, and it's not encoded
>> in the text - only in the code, which is rather useless
> Besides the phenomenon of every instance of the word "spam" in your email
> reading as "spam at apple.com", this statement doesn't make any sense to me at
> all.

LOL!  I hadn't even noticed that! I use a program called TypeIt4Me for
auto-typing frequently used text, and spam at apple.com is what I use as a junk
address for several sites. The trigger is SUPPSED to be a TAB, though, and
not a space - but it seems my preferences got corrupt and every time I type
the word "spam" with a space following it, it was autotyping spam at apple.com.

Too funny. I have fixed that little glitch now :) Mentally replace
spam at apple.com with "spam" in that email :)

But it means exactly what it says, so I don't know why it doesn't make
sense. You have encrypted the address in the underlying code, while
neglecting to replace the displayed text for the mailto link to something
other than your actual email address.

> My address on all my sites has always been encoded in ASCII and has always
> been secure, although I'm a little mystified why search engines now return
> the ASCII as text. I wonder if search spiders now go to the extra work of
> decoding ASCII and index the result as text?

The search spiders have nothing to do with it. It's in plain text on your
own site. The problem is that you are choosing to display your email address
as the link, and the browser will always translate that. The plain text
display is still your full email address, which is picked up the same way
when the bots crawl. So you are not protected at all. Not one bit, as long
as you keep choosing to display the actual email address in the mailto text.
It doesn't matter that you have the email address in the code as ascii -
it's the browser's job to render and translate it for the viewer. Just like
it translates other ascii-encoded symbols and the like.  I look at the page,
and I see your actual address. What I should see, if you want to be
protected, is some other text. If I can copy and paste it as text, so can
any spambot.

>> If you want to protect your own site from being
>> harvested for addresses in the future, your link text should NOT be
>> name at domain.com - but instead be "contact me here"
> It doesn¹t actually say name at domain.com but rather ASCII:
> a 
> href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#110;&#97;&#109;&#101;&#64;&#
> 100;&#111;&#109;&#97;&#105;&#110;&#46;&#99;&#111;&#109;">&#110;&#97;&#109;&#
> 101;&#64;&#100;&#111;&#109;&#97;&#105;&#110;&#46;&#99;&#111;&#109;
> 
> And all other instances of my email address on the web are encoded as ASCII,
> except of course for the Cube Archive pages. Which is why other listees can
> expect more and more spam.

See above. It's translating it and displaying the encoded string as text.
Always has, always will. If you want to fix that, you need to do <a
href="encoded mailto tag here"> click here to email me </a>.

There is no difference between what's in the Cube archives and what is
currently on your own website. Not one. It's a viewable address, and can be
copied and pasted all the same, by a human or a bot that programmed to do
just that.

Hope this helps. If you want to discuss this further, please reply off list,
as I am sure most people here aren't really interested in this.

Laurie
-- 
AOL IM/iChat: cubeownernyc
http://www.cubeowner.com
Home of The Mac Cube FAQ!