Spoofed emails...

[ZENYO]

The emails that programmed in the source on our contact page are being spoofed. I'm assuming these spammers are using some sort of bot to scan for these emails.

Is there anyway to prevent this from happening?

Thanks

[batmeat]

You mean someone is spoofing your email address as the source address and then sending out unsolicited email? To my knowledge all you can do is look at the header to get an IP. Spoofing an email address to be the source address is very easy to do unfortunately. Once you get their IP then you can easily trace it to a provider and turn them in. Somebody correct me if I'm wrong or if there is more options you can do.

[RobRich]

Instead of using published emails at TechIMO, we use a contact form, that way our staff addresses are not exposed to email crawl bots.

http://www.techimo.com/timo_contact.pl

That single change slashed email spoofs of TechIMO addresses by a good 90% or more.

Robert Richmond

[ZENYO]

Thanks Rob... So when someone selects Hardware, advertising or general. How does the fomr know where to send? Is it handled in the back end?

We use a form to but the who to contact area of the form (Topic) has the email address in the source.

Here's the link for our contact form - http://www.sisu.com/en/contact

FYI - I'm not the site developer, Just the it guy who has to deal with spam...

[RobRich]

We handle everything on the backside by a script. The form feeds the script, thus no addresses are ever displayed in the source. We set different headers depending upon the topic selected by the user, but it could just as easily be different email addresses as well.

In comparison, the form being used on the linked site is a simple JavaScript. The emails are visible to a bot when crawling the HTML source.

There are two relatively easy solutions available.

First is to implement a CGI script, which is the best solution. There are several such scripts available for free. Search here:

http://www.hotscripts.com/

Second is to obfuscate the HTML source, though that will take some moderate effort if you want the contact form to stay in place. For a quick example, a simple inline email text link would look like the following:

PHP Code:

<p>Send your comments and questions to our 

<script language=javascript>

  <!--

  var contact = "Editor"

  var email = "editor"

  var emailHost = "mysite.org"

  document.write("<a href=" + "mail" + "to:" + email + "@" + emailHost+ ">" + contact + "</a>" + ".")

  //-->

</script>

</p> 


Either way shouldn't take a web developer more than 10 minutes to setup and configure, so definitely drop him/her a line about the problem, as the spam and spoofing problems will only get worse with the addresses remaining publicly accessible.

Robert Richmond

[ZENYO]

Thank you very much sir.. I will contact the developer right away!

[batmeat]

Ah...I see your talking about the contact page here at TIMO. Your original post makes more sense now. NVRMND