Chiff and Fipple Forums

I just received this email from Thom at The Whistle Shop.

Can we help him solve this problem?

Hi Jerry,

Thanks. I don't know how it's happening (I'm using
web-based forms now for email instead of having actual
email addresses posted at my website) but I'm getting over
1,000 pieces of spam in my "orders" email in-box A DAY.
now. I just changed that email address around the first of
this year, and took the actual address off of all of my web
pages at that time.

Anyway - that's why it was full; I've upped the alloted
space for that mailbox now, so it shouldn't happen again
before I can change it once more...

Thanks again,
Thom

Best wishes,
Jerry

Is the email still in the html form somewhere? Because the spambots
can read that even if it doesn't show up on the browser. If this is the
case, I'd suggest using some javascript to obscure the email address.

If the spambots are actually submitting the form, the spam will persist
after changing addresses. In this case, I'd use some form of CAPTCHA
(Human Verification).

A really good way is to do like I do with my own domain. My host has CPanel which allows me to setup different settings for receiving mail. The best one is the use of Spam Assassin, which can DELETE received SPAM on the SERVER itself, so it never reaches your inbox.

So I think it's more a matter of choosing a good host which has great anti-spam at the server level, instead of trying to filter the spam from your own inbox.

I pay 5.99$/month for server space and emails with imagelinkusa.com, but there's many others out there.

Great work, folks!

We've found Thom's email address in the source HTML for his contact pages, so that should solve the mystery of how the spammers are getting it.

Now ...

Any advice about how he should reconfigure his contact pages? He's already using a Java script, and he thought it was hiding his email address already.

Best wishes,
Jerry

like breaking the address in to two or more parts, stored in variables, and concatenated on the send the email.

Jerry Freeman wrote:Any advice about how he should reconfigure his contact pages? He's already using a Java script, and he thought it was hiding his email address already.

Try encrypting it with this free online tool (which also uses javascript, but it really does prevent the spam robots from seeing it):

http://automaticlabs.com/products/enkoderform/

However, this only prevents robots from getting his email in the future. The problem now is that obviously his email address has already been captured by spam robots and they'll keep sending him spam for decades to come at that address. So to stop the spam, he'd have to use a different email address for his contact pages and encrypt it using the Encoder tool, and then never give out that address anywhere publicly, and he should cancel his old email address.

He'll definitely change his email address. I've forwarded your suggestion and the accompanying link on to him.

Best wishes,
Jerry

That's an incredibly cool tool, BTW.

Best wishes,
Jerry

An incredibly simple method I read about is to put his email address as a .gif on the page and have people type that into a field. Bots can't handle it because they can't read graphics.

djm

Jerry Freeman wrote:That's an incredibly cool tool, BTW.

Best wishes,
Jerry

It's a great tool, but I'm not sure whether it could be integrated into his web forms. However, it works so well that he could actually just do away with the web form and provide a direct e-mail link using the Enkoder...people would just click on the link and it would open a new message in their e-mail program with his address in the "to" field.

I've been using the Enkoder to encrypt e-mail addresses on my site for quite a few years now, and it works very well. The only problem is that it only works if you have Javascript enabled in your browser, but most people do.

I use a php script to hide mine. Here is a link:
http://www.dtheatre.com/scripts/formmail

Since it is never in the web page in any form, it cannot be seen by the bot.

bradhurley wrote:

Jerry Freeman wrote:That's an incredibly cool tool, BTW.

Best wishes,
Jerry

It's a great tool, but I'm not sure whether it could be integrated into his web forms. However, it works so well that he could actually just do away with the web form and provide a direct e-mail link using the Enkoder...people would just click on the link and it would open a new message in their e-mail program with his address in the "to" field.

I've been using the Enkoder to encrypt e-mail addresses on my site for quite a few years now, and it works very well. The only problem is that it only works if you have Javascript enabled in your browser, but most people do.

Thom has now incorporated his "clean" email address (a recent one that hasn't been inundated by spam) into a new link for sending emails to him.

He has followed our suggestions using the Enkoder Javascript email link function to try to keep the webcrawlers at bay and hopefully make it easier to get ahold of him.

I realize there are other issues as well that he needs to sort out, but this should help.

http://www.thewhistleshop.com/misc/email_form.htm

Best wishes,
Jerry

some other things (my husband has had these problems with our site)...

Once someone figures out that XXXX@whatever.com will come to you because you hold that domain, they'll just start doing random generated names and terms in place of the XXXX cuz they know they'll eventually score a hit. We have this happen at work all the time, too. Tom set up filters so unless the XXXX is an actually address we use, it all goes into the trash.

Using a web form cut down on our spam hugely.

And, of course, any time you put your email address on something like C&F, make sure you put words or something in place of the characters so spambots cannot mine it.

If Thom is still having problems, pm me and I'll have my Tom hook up with him and give him some pointers.