X-Original-To: pgsql-www-postgresql.org@localhost.postgresql.org
Received: from localhost (neptune.hub.org [200.46.204.2])
	by svr1.postgresql.org (Postfix) with ESMTP id 93B54D1B48F
	for <pgsql-www-postgresql.org@localhost.postgresql.org>;
	Fri,  5 Dec 2003 12:55:52 +0000 (GMT)
Received: from svr1.postgresql.org ([200.46.204.71])
	by localhost (neptune.hub.org [200.46.204.2]) (amavisd-new, port 10024)
	with ESMTP id 44552-07
	for <pgsql-www-postgresql.org@localhost.postgresql.org>;
	Fri,  5 Dec 2003 08:55:24 -0400 (AST)
Received: from smtp-send.myrealbox.com (smtp-send.myrealbox.com
	[192.108.102.143])
	by svr1.postgresql.org (Postfix) with ESMTP id 5F15DD1B475
	for <pgsql-www@postgresql.org>; Fri,  5 Dec 2003 08:55:20 -0400 (AST)
Received: from myrealbox.com grzm@smtp-send.myrealbox.com [61.115.206.98]
	by smtp-send.myrealbox.com with NetMail SMTP Agent $Revision: 3.45 $ on
	Novell NetWare; Fri, 05 Dec 2003 05:55:08 -0700
Date: Fri, 5 Dec 2003 21:55:03 +0900
Subject: Re: Replacing @ with " at "
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed
Mime-Version: 1.0 (Apple Message framework v553)
Cc: Devrim GUNDUZ <devrim@gunduz.org>, Dave Page <dpage@vale-housing.co.uk>,
	PostgreSQL WWW Mailing List <pgsql-www@postgresql.org>
To: Robert Treat <xzilla@users.sourceforge.net>
From: Michael Glaesemann <grzm@myrealbox.com>
In-Reply-To: <200312050734.39069.xzilla@users.sourceforge.net>
Message-Id: <3E6B035C-2722-11D8-87EA-0005029FC1A7@myrealbox.com>
Content-Transfer-Encoding: quoted-printable
X-Mailer: Apple Mail (2.553)
X-Virus-Scanned: by amavisd-new at postgresql.org
X-Archive-Number: 200312/46
X-Sequence-Number: 3106


On Friday, December 5, 2003, at 09:34 PM, Robert Treat wrote:
> Theres a couple solutions to this:
>
> 1) Don't make the email address a link
> 2) make the mailto be a valid link, but the words on the page not
> 3) add a checkbox to the submit page to "obfuscate email", so that=20
> s/@/at, and
> not a link, or we'll leave in @ and make it a link.

As for 2, if the mailto is literal text in the html, a spambot is going=20
to pick it up regardless=97my guess is it's even more likely to pick up a=
=20
mailto: link than just a address elsewhere on the page. I know there=20
are ways of obfuscating the email address using Javascript (such as=20
Hiveware's Enkoder http://www.hiveware.com/enkoder.php for Mac OS X.=20
Pretty cool, as it even varies the Javascript so bots have more trouble=20
learning it. I know someone a lot smarter than me can figure out how to=20
turn this into a server-side solution, and I'm sure someone probably=20
already has.)

1 & 3 seem fine, though it would be nice of the mailto: worked as a=20
link.

Michael Glaesemann
grzm myrealbox com