Tuesday, March 18, 2008

Encoding mailto in hyperlink against spam bots

Scanning pages for hyper link with mail
On almost each html tutorial you can find how to create link, which openes user's default mail application.

Don't do that
- after creating such page, your mailbox will contain almost only spam e-mails.

Solution 1 - creating dummy human readable address
You can paste on your page:

Yes - it's working, but do you really want place it on your company site. Imagine link on home page: "Contact our consultant - send sales_at_professional_REMOVE_IT_company.com" - actually it does not seems to be very professional.

Solution 2 - encode with javascript
Concept: Instead of creating

Create on output page with javascript encoded email - spam-bots does not parse javascript, so email will not be properly generated:

In browsers supporting javascirpt it will be displayed as earlier, because document.write is processed immediately after loading:

  1. Import javascript decode64 function

  2. Create ASP.NET filter which finds all occurences of hyperlinks with mailto:

  3. Replace all occurrences with javascript which produces document.write in javascript

  4. Add configuration in web.config

No comments: