From: Ashley Sheridan on
On Tue, 2010-06-15 at 13:28 +0530, cheran krishnamoorthy wrote:

> You can always convert an email address as image.no one can read but humans.
> i think this is a simple solution.
>
> Regards
> Cherankrish
>
> On Tue, Jun 15, 2010 at 2:50 AM, Paul M Foster <paulf(a)quillandmouse.com>wrote:
>
> > On Mon, Jun 14, 2010 at 01:06:29PM +0100, Ashley Sheridan wrote:
> >
> > > On Mon, 2010-06-14 at 08:02 -0400, David Mehler wrote:
> > >
> > > > Hello,
> > > > I've got a site that is needing to have two email addresses on it, one
> > > > for general contact and information and the other for webmaster for
> > > > site problems. I do not want these addresses to become harvested by
> > > > spammers yet i want to make it possible for people to email if needed.
> > > > I can not use javascript for this solution.
> > > > Suggestions appreciated.
> > > > Thanks.
> > > > Dave.
> > > >
> > >
> > >
> > > If Javascript isn't a solution (which I can understand for accessibility
> > > reasons) then the only method I've seen that seems to work is to have
> > > the email as an image in the same font style as it would be on the page
> > > if it were just text. Facebook uses this to display contact email
> > > addresses for people, and I've seen it used elsewhere also. The only
> > > other method I've seen is to add in extra characters with a small note
> > > to humans to remove them, but I find this quite a messy solution.
> > >
> > > Unfortunately, you can't get away with just a contact form these days if
> > > you're a business, as it's a legal requirement in some countries to have
> > > a contact details available, and not just a contact form.
> >
> > Do you have specifics? I've never heard of such a requirement.
> >
> > Notwithstanding Ash's assertion, I would suggest a contact form. The
> > email address is effectively hidden, and you can apply CAPTCHA to the
> > form to cut down on bot spam. It also introduces some discipline on the
> > user, and potentially allows you to categorize inquiries (making it
> > easier to pass them on to the proper person). You can also have a pick
> > list on the form which details which person you'd like the form to be
> > sent to.
> >
> > In general, on contact forms or "about us" pages, I include some
> > physical address and possibly a phone number. This might satisfy Ash's
> > requirement for "contact details".
> >
> > Paul
> >
> > --
> > Paul M. Foster
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >


I'd already mentioned this, and it was deemed not very accessible (what
if someone is blind, for example?)

Thanks,
Ash
http://www.ashleysheridan.co.uk


From: Ian on
On 14/06/2010 22:51, Ashley Sheridan wrote:

<snip>

> It's not my requirement, it's been a legal requirement in the UK for 3
> years now.
>
> http://www.calmdesign.co.uk/articles/Website_legal_requirements/?id=16
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk

Hi,

Further to this the actual regulation is here:

http://www.opsi.gov.uk/si/si2002/20022013.htm

The relevant line from this:

6(c) the details of the service provider, including his electronic mail
address, which make it possible to contact him rapidly and communicate
with him in a direct and effective manner;



It must be stressed that these laws were written before spam became 90%+
of all email communication (2002). So I suspect it could be argued that
a contact form can be allowed to bypass your normal email spam checking
and is therefore a quicker way to communicate effectively.

IANAL ;)

Regards

Ian
--
From: Ashley Sheridan on
On Tue, 2010-06-15 at 09:46 +0100, Ian wrote:

> On 14/06/2010 22:51, Ashley Sheridan wrote:
>
> <snip>
>
> > It's not my requirement, it's been a legal requirement in the UK for 3
> > years now.
> >
> > http://www.calmdesign.co.uk/articles/Website_legal_requirements/?id=16
> >
> > Thanks,
> > Ash
> > http://www.ashleysheridan.co.uk
>
> Hi,
>
> Further to this the actual regulation is here:
>
> http://www.opsi.gov.uk/si/si2002/20022013.htm
>
> The relevant line from this:
>
> 6(c) the details of the service provider, including his electronic mail
> address, which make it possible to contact him rapidly and communicate
> with him in a direct and effective manner;
>
>
>
> It must be stressed that these laws were written before spam became 90%+
> of all email communication (2002). So I suspect it could be argued that
> a contact form can be allowed to bypass your normal email spam checking
> and is therefore a quicker way to communicate effectively.
>
> IANAL ;)
>
> Regards
>
> Ian
> --
>


The link you gave is indeed 8 years old, whereas the one I gave is a lot
more current (3 years) and well after what you call the period of spam
(which really started kicking off big-time before 2002 anyway) Either
way, I don't think you can 'argue' with a law if you're a business. A
personal website is not under such restrictions, but there are lots a
business has to go through, and a business potentially faces more
repercussions from breaking laws, however daft or imposing they may be.

You could, I guess, claim ignorance, but that doesn't offer much
protection on a law that's 3 years old...

Thanks,
Ash
http://www.ashleysheridan.co.uk


From: "HallMarc Websites" on


-----Original Message-----
From: Ashley Sheridan [mailto:ash(a)ashleysheridan.co.uk]
Sent: Monday, June 14, 2010 10:52 AM
To: Dotan Cohen
Cc: HallMarc Websites; David Mehler; php-general
Subject: Re: [PHP] protecting email addresses on a web site

On Mon, 2010-06-14 at 17:50 +0300, Dotan Cohen wrote:

> On 14 June 2010 15:36, HallMarc Websites <sales(a)hallmarcwebsites.com>
wrote:
> > Another is a CSS solution where you type the email address backwards and
> > then use the CSS style declaration:
> > style="direction: rtl; unicode-bidi: bidi-override;"
> >
>
> How does that work with screen readers? How about copy-paste?
>


I don't think there's an accessible way of doing this. Anything that
allows a screen reader to speak the email address would also be
susceptible to spammers email scrapers.

Thanks,
Ash
http://www.ashleysheridan.co.uk



Copy-n-paste just gives you the email address backwards; screen readers,
because we are using logical ordering and it is stored in memory the way we
expect to read it, will read it correctly.

I was not aware that email harvesters used screen readers. Do you have some
documentation I could read to get up to speed on this?

Marc Hall
HallMarc Websites
So many spammers, so few bullets...


__________ Information from ESET Smart Security, version of virus signature
database 5199 (20100615) __________

The message was checked by ESET Smart Security.

http://www.eset.com


From: Ashley Sheridan on
On Tue, 2010-06-15 at 13:02 -0400, HallMarc Websites wrote:

>
> -----Original Message-----
> From: Ashley Sheridan [mailto:ash(a)ashleysheridan.co.uk]
> Sent: Monday, June 14, 2010 10:52 AM
> To: Dotan Cohen
> Cc: HallMarc Websites; David Mehler; php-general
> Subject: Re: [PHP] protecting email addresses on a web site
>
> On Mon, 2010-06-14 at 17:50 +0300, Dotan Cohen wrote:
>
> > On 14 June 2010 15:36, HallMarc Websites <sales(a)hallmarcwebsites.com>
> wrote:
> > > Another is a CSS solution where you type the email address backwards and
> > > then use the CSS style declaration:
> > > style="direction: rtl; unicode-bidi: bidi-override;"
> > >
> >
> > How does that work with screen readers? How about copy-paste?
> >
>
>
> I don't think there's an accessible way of doing this. Anything that
> allows a screen reader to speak the email address would also be
> susceptible to spammers email scrapers.
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
>
> Copy-n-paste just gives you the email address backwards; screen readers,
> because we are using logical ordering and it is stored in memory the way we
> expect to read it, will read it correctly.
>
> I was not aware that email harvesters used screen readers. Do you have some
> documentation I could read to get up to speed on this?
>
> Marc Hall
> HallMarc Websites
> So many spammers, so few bullets...
>
>
> __________ Information from ESET Smart Security, version of virus signature
> database 5199 (20100615) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>


I didn't say the harvesters used screen readers. I'm saying that if
something is in plain text that a screen reader can understand, what's
to stop an email address harvester? It's not worth their time to analyse
every image (think about where Google is with image searching right now,
and they have a lot more resources at their disposal) but it is easy
enough to read text in a web page. At a push, it's possible to believe
that some might be using rendered CSS to see how an email is rendered.

Thing is, it's nigh on impossible to hide an email address. Use it once
on a mailing list like this and it's there for the whole world to see on
archive listings. I even though that my email wouldn't be found in
a .pdf CV I'd made, but thanks to Google it is now!

Basically, it might not be worth the effort to hide email addresses, and
instead see about setting up spam filtering at the server level. You
don't have to download and filter it your end, and it saves on
bandwidth.

Thanks,
Ash
http://www.ashleysheridan.co.uk