Announcement

**magicalwonders** · 12-Apr-2005, 12:36 PM

Hi Nick,

It's more likely that a spammer is forging your email address.

The bad news is that there's not much you can do about it. The good news is that it should run it's course after a week or two, and then they'll move on to using someone elses address! I've had my turn so I know this to be true!

Best wishes,

Myles
www.magicalwonders.com

**fleetwood** · 12-Apr-2005, 12:43 PM

Hi Nick
The most likely explanation is that your email domain has been harvested and is being used to send out spam from remote servers.
The mail is unlikely to be coming from your own machine, but your name has been hijacked and is being used by 'rogues' (politest term I can muster!) to send out spam.
This 'problem' affects most of us and unfortunately there is not a lot you can do once its started.
To help reduce domain harvesting (domain names being picked up by robots for surupticious use), its a good idea to replace any email addresses within your site with ones that are constructed from text strings (there is a name for this that escapes me right now, but one of the more able members will step in with the correct name and how to if you wait - where are you Norman? <g>).
As for the 'failed mail' emails, there is nothing worth doing other than deleting them - its a waste of time replying.
Martin

**jont** · 12-Apr-2005, 12:51 PM

Hiding the email is a good step but this will not stop the serious spammers - most domains have a "catchall" account so hijacked mail can be sent from say chris.bigglesthwaite.anyname@domain.com and if the receipient rejects the email it simply bounces back to you - check the bounced emails for non existent contact names.

It may be worth disabling any catchall accounts or re-directing to a temporary email address for filtering.

As Myles says - most of us have had this happen and there is not a vast amount you can do to stop it

**NormanRouxel** · 12-Apr-2005, 12:52 PM

It's "Obfuscation". Search for that and you'll find tips for replacing mailto:spamme@here type addresses with safer ones.

**fleetwood** · 12-Apr-2005, 12:55 PM

Norman - if you could also come up with "Obliteration" - turning a spammer into something more useful - that would be great <g>
Martin

**jont** · 12-Apr-2005, 12:56 PM

Originally posted by fleetwood

Norman - if you could also come up with "Obliteration" - turning a spammer into something more useful - that would be great <g>
Martin

LOL - wishful thinking

**fleetwood** · 12-Apr-2005, 12:57 PM

"Uploadmysitewithlessaggreavtion" is also on my wish list <g>

**garyhay** · 12-Apr-2005, 01:57 PM

Code:

                  <SCRIPT type=text/javascript>
<!--
emailE=('in' + 'fo' + '@' + 'my' + '-domain.co.uk')
document.write('<a href="mailto:' + emailE + '">' + emailE + '</a>')
//-->
</SCRIPT>

**webyourbusiness** · 13-Apr-2005, 02:56 AM

there was another script that was even nicer - it had several variables and concatenated them, with the encoded @ symbol - something like...

Code:

<SCRIPT type=text/javascript>
<!--
var mail = 'mail'
var to = 'to'
var first = 'in'
var second = 'fo'
var at = '@'
var dot = '.
var domfirst = 'yourdomain'
var domsecond = 'com'
emailE=(first + second + at + domfirst + dot + domsecond)
document.write('<a href="' + mail + to + ':' + emailE + '">' + emailE + '</a>')
//-->
</script>

change @ to &# 064; - minus the space in var at
and . in the dot variable declaration to &# 046; for safest practices

Even though it's only different in a number of subtle ways, I'd rather encode as much as I can, it's going to hold off script writers for a longer period of time (at least that would be my hope).

or - use something like this:

http://w2.syronex.com/jmr/safemailto/

**Luddite** · 14-Apr-2005, 02:24 PM

Thanks for all this advice. Some of it is a little over my head, but hopefully nothing a few late nights and cups of coffee won't sort out!

Cheers

Nick
www.theperfectpad.co.uk

**Bob Isaac** · 14-Apr-2005, 02:42 PM

This is a really easy one:

<SCRIPT LANGUAGE="JavaScript">

</SCRIPT>

Just drop that into the page you want the email address to appear, replacing 'joe.bloggs' with the part of email address that comes before the @ and replace 'domain.co.uk' with the bit after the @.

**Luddite** · 14-Apr-2005, 04:07 PM

Thanks Bob - much appreciated.

Nick
www.theperfectpad.co.uk

**webyourbusiness** · 15-Apr-2005, 02:12 PM

Bob, it's basically the same as Gary posted - I think that one of the next logical steps will be for email address grabbing bots to code for mailtos with javascript obfustication (they don't already) - if that happens, the more you split up the address into little bits, the longer it would be for a bot to be programmed to cope with it - if at all.

Of course, the simple splitting of user/domain might be safe for a long time... I hope so - but I like to make sure by making it harder and harder for the scumbags!

regards

Greg

**Tim Weaver** · 15-Apr-2005, 04:05 PM

I believe that I am right in saying that screen readers are not able to render these script solutions and that poses a problem for accessibility.

Don't forget that it is now a legal requirement under the Disability Act to ensure that public facing websites are accessible.

Announcement

I think I am sending people spam without my knowledge!

I think I am sending people spam without my knowledge!

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment