SafeMail Demo

Contact Me Type 1   << click to test

Contact Me Type 2   << click to test

This is a demonstration of how to use Javascript to avoid spammers getting your address with a spam harvesting engine.

Spam harvesting engines search the web and return any e-mail address found on a web site.   They look for the HTML "mailto:" command AND any e-mail address in the standard form of username@hostco.ext.   The SPAMMER simply uses any list, link list, or search engine results and feed those addresses into a simple program that works like your browser except that instead of displaying pages it reads the page and returns e-mail addresses.

The best and most secure way to avoid this is with a form that calls a CGI program that sends the mail. However, most individuals with websites do not have access to the area where CGI programs are run or have the skills to setup the form and CGI. The solution here will work on anyone's web site and with 99.99% of browsers. The SPAMMER can still get your address but they have to work for it by visiting your page, clicking on the link then cutting and pasting from their mail program. They will have to WORK for it.

Below are two versions of the scripts used above. The first is very simple and only does a basic mailto:. The second includes your given name as well as a subject. The %20 codes are space codes. They are needed in some browsers and should not show in the mail except as spaces. They also make your code harder to read (for good or bad).

You can further obfuscate the text by entering it in hexadecimal codes (like the %20 for space) but since this routine builds a human readable address by clicking on it there is no point. Our anvilfire forum routines generate an encrypted string and then decrypts them when a user clicks on them. But that is for a public site and is still no more secure than the code below.

There are two ways to use this code. The simplest is to include one of the scripts below in the HEAD of your page. Then use a link as in this sample page. The following is a simplified sample page with no extras. Feel free to use it.

Simple Sample Page

The second method is to save the Javascript as a .js file without the SCRIPT tags and then use a SCRIPT SRC="filename.js" TAG in the HEAD of each your web pages to include the file. This is a much better way if you are going to have a contact link on more than one page. If your e-mail address changes the only file you need to update is the ONE script. This page is setup that way. Feel free to copy it and the scripts below to build your page from. Note that calls to the Javascript sourcecode are case sensitive on most servers.





If you can use a simple editor like notepad and carefully replace the sample text in these examples you should be able to use this code on your web page.

I recommend using different file and function names than I have used here. Why? Because when any method becomes very popular it makes it worth while for the SPAMMER to setup special code for that method. If everyone using this code makes minor changes in the name and the variables (part1, part2, part3) then it would not be worth anyones trouble to write a special filter.

If you need multiple contact addresses just make two different functions (sendthemailtoMe(), sendthemailtoSusan() ). If you needed many addresses then you could use a parameter in the call such as sendthemailto('1') and use IF statements or an ARRAY of names where the number is like an account number. If the many names were all at the same host then only the account names would be needed and the code would only be a little larger than it is now. However, it is probably best not to use this method for a business or organization with numerous addresses. For that you should use a CGI FormMail program.

NOSPAM: Those of you that insert 'NOSPAM' in your e-mail addresses on forums are wasting your time. Once a harvestor has gathered thousands of names it is very simple to use a search and replace function to remove all the places that say 'NOSPAM' in a list. In just a few minutes you can filter out all the NOSPAMs and then do a search for SPAM, xSPAM and other common variations and manually replace those in a list of thousands. These folks may be liars, cheats and thieves but they are not stupid and it is their profession.




Site created and maintained by the
anvilfire guru
Click above to send mail

Page Counter General Site Counter