Looking for Python code to obsfucate mailto links on web site

[Andrew McLean]

I'm looking at putting some e-mail contact addresses on a web site, and
wanted to make it difficult for spammers to harvest them.

I found some Python code that I can call within my application.

http://www.zapyon.de/spam-me-not/

It works exactly as expected. However, I am concerned that the technique
used for obsfucating the e-mail address may be a bit weak.

Searching the web it looks like the best solution for me might be to
embed JavaScript in the web page that dynamically generates the e-mail
address in the browser client.

I've found on-line tools that will generate suitable JavaScript, but
need to automate the "encoding" process in Python.

Now I could write suitable code myself, but would be surprised if it
wasn't already available. Any pointers?

To head of a few comments I'm anticipating ;-)
- no I don't want to use a contact form
- accessibility is an issue, but I'm also including postal addresses and
phone numbers giving alternatives to e-mail. Also the main enquiry
address won't be obfuscated.

 

[Dan Sommers]

I'm looking at putting some e-mail contact addresses on a web site,
and wanted to make it difficult for spammers to harvest them.

[ ... ]

Searching the web it looks like the best solution for me might be to
embed JavaScript in the web page that dynamically generates the e-mail
address in the browser client.

[ ... ]

Now I could write suitable code myself, but would be surprised if it
wasn't already available. Any pointers?

Pointers? What do you think this is, C? ;-) Try this:

def spam_averse_email_address( email_address, text ):
"""return HTML-embedded javascript to create a spam-averse mailto link"""

def char_codes( a_string ):
return ",".join(str(ord(a_char)) for a_char in a_string)

return """<script type="text/javascript">
<!--
document.write(
'<a href="mailto:'
+ String.fromCharCode(%s)
+ '">'
+ String.fromCharCode(%s)
+ '<\/A>');
// -->
</script>""" % (char_codes(email_address), char_codes(text))

The newlines within the triple quoted string are important; use that
function something like this:

print "<html>"
print "<head><title>Title</title></head>
print "<body>
print "<P>%s</P>" % spam_averse_email_address( '(e-mail address removed)',
'click here to email me' )
print "</body>"
print "</html>"

You mentioned accessibility; make sure that your HTML does something
sensible if the user's browser doesn't do javascript.

HTH,
Dan

 

[James Stroud]

I'm looking at putting some e-mail contact addresses on a web site,
and wanted to make it difficult for spammers to harvest them.

[ ... ]

Searching the web it looks like the best solution for me might be to
embed JavaScript in the web page that dynamically generates the e-mail
address in the browser client.

[ ... ]

Now I could write suitable code myself, but would be surprised if it
wasn't already available. Any pointers?

Pointers? What do you think this is, C? ;-) Try this:

def spam_averse_email_address( email_address, text ):
"""return HTML-embedded javascript to create a spam-averse mailto link"""

def char_codes( a_string ):
return ",".join(str(ord(a_char)) for a_char in a_string)

return """<script type="text/javascript">
<!--
document.write(
'<a href="mailto:'
+ String.fromCharCode(%s)
+ '">'
+ String.fromCharCode(%s)
+ '<\/A>');
// -->
</script>""" % (char_codes(email_address), char_codes(text))

The newlines within the triple quoted string are important; use that
function something like this:

print "<html>"
print "<head><title>Title</title></head>
print "<body>
print "<P>%s</P>" % spam_averse_email_address( '(e-mail address removed)',
'click here to email me' )
print "</body>"
print "</html>"

You mentioned accessibility; make sure that your HTML does something
sensible if the user's browser doesn't do javascript.

HTH,
Dan

Bruno Desthuilliers has a nice one-liner:

python -c "print '@'.join(['.'.join([w[::-1] for w in p.split('.')]) for
p in '(e-mail address removed)'.split('@')])"


I came up with this:

python <<EOF
print "".join([chr(ord(i)^ord(j)^64) for (i,j) in
zip('hpqudxu','BCEGKMQ')] +
list('ude.alcu.ibm@'[::-1]))
EOF

For mine, you you'll have to reverse the algorithm to generate the
"cipher text".

James

--
James Stroud
UCLA-DOE Institute for Genomics and Proteomics
Box 951570
Los Angeles, CA 90095

http://www.jamesstroud.com/

 

[Andrew McLean]

I'm looking at putting some e-mail contact addresses on a web site,
and wanted to make it difficult for spammers to harvest them.

[ ... ]

Searching the web it looks like the best solution for me might be to
embed JavaScript in the web page that dynamically generates the e-mail
address in the browser client.

[ ... ]

Now I could write suitable code myself, but would be surprised if it
wasn't already available. Any pointers?

Pointers? What do you think this is, C? ;-) Try this:

def spam_averse_email_address( email_address, text ):
"""return HTML-embedded javascript to create a spam-averse mailto link"""

def char_codes( a_string ):
return ",".join(str(ord(a_char)) for a_char in a_string)

return """<script type="text/javascript">
<!--
document.write(
'<a href="mailto:'
+ String.fromCharCode(%s)
+ '">'
+ String.fromCharCode(%s)
+ '<\/A>');
// -->
</script>""" % (char_codes(email_address), char_codes(text))

The newlines within the triple quoted string are important; use that
function something like this:

print "<html>"
print "<head><title>Title</title></head>
print "<body>
print "<P>%s</P>" % spam_averse_email_address( '(e-mail address removed)',
'click here to email me' )
print "</body>"
print "</html>"

You mentioned accessibility; make sure that your HTML does something
sensible if the user's browser doesn't do javascript.

HTH,
Dan

That's great. Just what I was looking for.