FrontPage Spam Spoiler Addin

[Tom Pepper Willett]

We see a lot of questions in the FP newsgroups asking how to mask email
addresses on web pages so the spam harvesters can't find them.

I want to share with you that my friend Jim Chesire of JIMCO Addins has put
together another free FrontPage addin called "Spam Spoiler" which uses
JavaScript to insert e-mail links designed to foil the spam harvesters.

Jimco has got it available for download at www.jimcoaddins.com


--
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/office.aspx?assetid=FX01085802
FrontPage 2003 Product Information:
http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
Understanding FrontPage:
http://msdn.microsoft.com/office/understanding/frontpage/
FrontPage 2002 Server Extensions Support Center:
http://support.microsoft.com/default.aspx?scid=fh;en-us;fp10se
===

 

[MD Websunlimited]

You may also wish to take a look at Spam Stopper by Webs Unlimited.
http://www.websunlimited.com/order/Product/SpamStopper/spam_stopper_help_dir.htm

Compare to Spam Spoiler
Spam Stopper allows you to edit inserted links.
Spam Stopper links are visible in the page.
Spam Stopper converts existing mailto tags into Spam Stopper links automatically.


--
Mike -- FrontPage MVP '97-'02
J-Bots 2004 102 Components For FP
http://www.websunlimited.com
FrontPage Add-ins Since '97 FP 2003 / 2002 / 2000 Compatible
Download the Trial http://www.microsoft.com/frontpage/downloads/addin/launchupdate/download.asp

 

[Jim Cheshire \(JIMCO\)]

We see a lot of questions in the FP newsgroups asking how to mask
email addresses on web pages so the spam harvesters can't find them.

I want to share with you that my friend Jim Chesire of JIMCO Addins
has put together another free FrontPage addin called "Spam Spoiler"
which uses JavaScript to insert e-mail links designed to foil the
spam harvesters.

Jimco has got it available for download at www.jimcoaddins.com

Thanks, Tom. Spam Spoiler uses a different technique than some others you
may have seen. The most noticeable difference between Spam Spoiler and
others is that Spam Spoiler actually works! The techniques used by the
other guys are easily circumvented by the spam-bots.

--
Jim Cheshire
JIMCO
http://www.jimcoaddins.com

Check out Spam Spoiler, our new add-in!
Add e-mail links to your Web site again
without fear of spammers!

 

[Tom Pepper Willett]

It is my experience in the past from others I have used, that the the
javascript encoding used by other spam type stoppers is in fact easily
overcome by the spam bots, who actually can read the address from it.

They have figured out how to piece the mail address together. That's why I
was so pleased with your new one.

I have been using a little program put together by another FP MVP which uses
an external.js file, and it works extremely well.

But yours is much faster and simpler.

Tom
.. --
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/office.aspx?assetid=FX01085802
FrontPage 2003 Product Information:
http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
Understanding FrontPage:
http://msdn.microsoft.com/office/understanding/frontpage/
FrontPage 2002 Server Extensions Support Center:
http://support.microsoft.com/default.aspx?scid=fh;en-us;fp10se
===
....
| Tom Pepper Willett wrote:
| > We see a lot of questions in the FP newsgroups asking how to mask
| > email addresses on web pages so the spam harvesters can't find them.
| >
| > I want to share with you that my friend Jim Chesire of JIMCO Addins
| > has put together another free FrontPage addin called "Spam Spoiler"
| > which uses JavaScript to insert e-mail links designed to foil the
| > spam harvesters.
| >
| > Jimco has got it available for download at www.jimcoaddins.com
|
| Thanks, Tom. Spam Spoiler uses a different technique than some others you
| may have seen. The most noticeable difference between Spam Spoiler and
| others is that Spam Spoiler actually works! The techniques used by the
| other guys are easily circumvented by the spam-bots.
|
| --
| Jim Cheshire
| JIMCO
| http://www.jimcoaddins.com
|
| Check out Spam Spoiler, our new add-in!
| Add e-mail links to your Web site again
| without fear of spammers!
|
|
|

 

[Chuck Davis]

I believe that FP Forms are much more secure...

 

[Tom Pepper Willett]

FP Forms show the address in the code...

--
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/office.aspx?assetid=FX01085802
FrontPage 2003 Product Information:
http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
Understanding FrontPage:
http://msdn.microsoft.com/office/understanding/frontpage/
FrontPage 2002 Server Extensions Support Center:
http://support.microsoft.com/default.aspx?scid=fh;en-us;fp10se
===
"Chuck Davis" <newsgroup at anthemwebs dot com> wrote in message
|I believe that FP Forms are much more secure...
| | > We see a lot of questions in the FP newsgroups asking how to mask email
| > addresses on web pages so the spam harvesters can't find them.
| >
| > I want to share with you that my friend Jim Chesire of JIMCO Addins has
| > put
| > together another free FrontPage addin called "Spam Spoiler" which uses
| > JavaScript to insert e-mail links designed to foil the spam harvesters.
| >
| > Jimco has got it available for download at www.jimcoaddins.com
| >
| >
| > --
| > ===
| > Tom "Pepper" Willett
| > Microsoft MVP - FrontPage
| > ---
| > About FrontPage 2003:
| > http://office.microsoft.com/home/office.aspx?assetid=FX01085802
| > FrontPage 2003 Product Information:
| > http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
| > Understanding FrontPage:
| > http://msdn.microsoft.com/office/understanding/frontpage/
| > FrontPage 2002 Server Extensions Support Center:
| > http://support.microsoft.com/default.aspx?scid=fh;en-us;fp10se
| > ===
| >
| >
|
|

 

[MD Websunlimited]

Really?

Spam Spoiler makes it extremely easy to harvest as the values used are global variables in the page, e.g.,

<script language="JavaScript">
var userTo = 'test';
var domainTo = 'mysite.com';
var userCC = '';
var domainCC = '';
var userBCC = '';
var domainBCC = '';
.....
</script>

So to get the email address in code is:

emailaddress = userTo + '@' + domainTo;

So it is very simplistic to harvest Spam Spoiler.

BTW, you would not biased would you ;>)

--
Mike -- FrontPage MVP '97-'02
J-Bots 2004 102 Components For FP
http://www.websunlimited.com
FrontPage Add-ins Since '97 FP 2003 / 2002 / 2000 Compatible
Download the Trial http://www.microsoft.com/frontpage/downloads/addin/launchupdate/download.asp

 

[MD Websunlimited]

Chuck,

The intrinsic FP Email Form is not as the webbot code contains the full email address and it is not a substitute for an mailto.

Using a form designed in FP with ASP handling is the most secure.

--
Mike -- FrontPage MVP '97-'02
J-Bots 2004 102 Components For FP
http://www.websunlimited.com
FrontPage Add-ins Since '97 FP 2003 / 2002 / 2000 Compatible
Download the Trial http://www.microsoft.com/frontpage/downloads/addin/launchupdate/download.asp

 

[Chuck Davis]

FP Forms show the address in the code...

--
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/office.aspx?assetid=FX01085802
FrontPage 2003 Product Information:
http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
Understanding FrontPage:
http://msdn.microsoft.com/office/understanding/frontpage/
FrontPage 2002 Server Extensions Support Center:
http://support.microsoft.com/default.aspx?scid=fh;en-us;fp10se
===
"Chuck Davis" <newsgroup at anthemwebs dot com> wrote in message
|I believe that FP Forms are much more secure...
| | > We see a lot of questions in the FP newsgroups asking how to mask
email
| > addresses on web pages so the spam harvesters can't find them.
| >
| > I want to share with you that my friend Jim Chesire of JIMCO Addins
has
| > put
| > together another free FrontPage addin called "Spam Spoiler" which uses
| > JavaScript to insert e-mail links designed to foil the spam
harvesters.
| >
| > Jimco has got it available for download at www.jimcoaddins.com
| >
| >
| > --
| > ===
| > Tom "Pepper" Willett
| > Microsoft MVP - FrontPage
| > ---
| > About FrontPage 2003:
| > http://office.microsoft.com/home/office.aspx?assetid=FX01085802
| > FrontPage 2003 Product Information:
| > http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
| > Understanding FrontPage:
| > http://msdn.microsoft.com/office/understanding/frontpage/
| > FrontPage 2002 Server Extensions Support Center:
| > http://support.microsoft.com/default.aspx?scid=fh;en-us;fp10se
| > ===
| >
| >
|
|

Tom, I stand corrected. When I changed all of my web site e-mail addresses
to a link to one site and then asked the viewer to complete the form, using
a new alias e-mail address the volume dropped from over 100 a day to four or
five.

I never looked at the code until this morning. Big surprise to me.

Mike has responded in another post on this same thread that FP Form with ASP
handling is more secure. Now, I will start a new education program for
myself.

Any pointers setting up ASP?

Thank you.

 

[Jim Cheshire \(JIMCO\)]

Mike has responded in another post on this same thread that FP Form
with ASP handling is more secure. Now, I will start a new education
program for myself.

Mike is right about that. Any time that you put a mailto link in the page
using any method, you do run the risk of the spam bots eventually
circumventing it. A server-side solution is always the best option because
it allows you to completely remove the e-mail address in any form from the
page.

--
Jim Cheshire
JIMCO
http://www.jimcoaddins.com

Check out Spam Spoiler, our new add-in!
Add e-mail links to your Web site again
without fear of spammers!

 

[Jim Cheshire \(JIMCO\)]

Really?

Spam Spoiler makes it extremely easy to harvest as the values used
are global variables in the page, e.g.,

I'm afraid you're wrong about that. For example, if you were using
(e-mail address removed) as the e-mail address, what you would see in Spam Spoiler's
code is "test" and then later on you would see "mysite.com". These are put
together on the fly using the document object model of the browser.

If you know how spam-bots work, you will know that this method does not
allow spam harvesters to get your e-mail. This is the preferred method of
e-mail masking if you're going to use JavaScript.

--
Jim Cheshire
JIMCO
http://www.jimcoaddins.com

Check out Spam Spoiler, our new add-in!
Add e-mail links to your Web site again
without fear of spammers!

 

[MD Websunlimited]

Pardon me but you're assuming I don't know how spam-bots work, I do. Most will simply "tear" the page then parse it for anchor tags
looking for those with mailto hrefs and then harvest the email address. Those that are FP smart will look for the Save Results
webbot code and then for email attribute.

You said, "For example, if you were using (e-mail address removed) as the e-mail address, what you would see in Spam Spoiler's code is "test"
and then later on you would see "mysite.com" but actually they are next to each other.

The code being used by Spam Spoiler
<script language="JavaScript">
var userTo = 'test';
var domainTo = 'mysite.com';
var userCC = '';
var domainCC = '';
var userBCC = '';
var domainBCC = '';

My point is that because they are global page variables in JavaScript you don't even have to parse the page to extract the email
addresses.

Load the page into an instance of Explorer (control) then you can inject script to see if the variables are present.

--
Mike -- FrontPage MVP '97-'02
J-Bots 2004 102 Components For FP
http://www.websunlimited.com
FrontPage Add-ins Since '97 FP 2003 / 2002 / 2000 Compatible
Download the Trial http://www.microsoft.com/frontpage/downloads/addin/launchupdate/download.asp

 

[Mike Mueller]

: Tom, I stand corrected. When I changed all of my web site
e-mail addresses
: to a link to one site and then asked the viewer to
complete the form, using
: a new alias e-mail address the volume dropped from over
100 a day to four or
: five.
:
: I never looked at the code until this morning. Big
surprise to me.
:
: Mike has responded in another post on this same thread
that FP Form with ASP
: handling is more secure. Now, I will start a new education
program for
: myself.
:
: Any pointers setting up ASP?
:
: Thank you.

Chuck,

It is only as complicated as you want it to be- the only
thing that you need to know is what version of Windows is
the host using
CDONTS can be used on NT4 and 2000
CDOSYS can be used on 2000, XP, & 2003

Coding either is very easy- here is a CDONTS example,
reading a form

<%
dim strSender, strSubject, strBody

strSender = request.form("Sender")
--same for subject & body

dim mailer
on error resume next
Set Mailer = Server.CreateObject("CDONTS.NewMail")

mailer.from= strSender
mailer.to="(e-mail address removed)"
mailer.subject= strsubject
mailer.body=strbody

Mailer.Send
If err.num <> 0 Then
Response.Write "CDONTS Error: " & err.num & " - " &
err.description
End If

set Mailer = nothing
%>

I generally expand on this, including IP address and a
confirmation page which says that there message was sent and
puts a copy of the message for them to see. I also save it
to a database. I also use a hardcoded address for the
mailer.from to make it easier to sort- I put the actual
sender information as the reply-to:
Mailer.Value("Reply-To") = strSender

Here is the MSDN site on using CDONTS:
http://msdn.microsoft.com/library/d...ml/_denali_newmail_object_cdonts_library_.asp

 

[Chris Leeds, MVP-FrontPage]

try www.asp101.com there are some good examples there.

HTH

--
Chris Leeds,
Microsoft MVP-FrontPage

ContentSeed: great tool for web masters,
a fantastic convenience for site owners.
http://contentseed.com/
--

 

[Chris Leeds, MVP-FrontPage]

I wonder if that can be overcome in FrontPage 2003 "optimize" at publishing
feature.
when I get a chance I'm going to try it and see.......unless someone else
beats me to it. ;-)

--
Chris Leeds,
Microsoft MVP-FrontPage

ContentSeed: great tool for web masters,
a fantastic convenience for site owners.
http://contentseed.com/

 

[Thomas A. Rowe]

Yes, it will remove the webbot and then the form will not work.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================

 

[MD Websunlimited]

Thomas is correct the form components rely upon the webbot being present to retrieve the email address etc.


--
Mike -- FrontPage MVP '97-'02
J-Bots 2004 102 Components For FP
http://www.websunlimited.com
FrontPage Add-ins Since '97 FP 2003 / 2002 / 2000 Compatible
Download the Trial http://www.microsoft.com/frontpage/downloads/addin/launchupdate/download.asp

 

[Chris Leeds, MVP-FrontPage]

Thanks guys, you saved me wasted time. couldn't help but wonder though.

--
Chris Leeds,
Microsoft MVP-FrontPage

ContentSeed: great tool for web masters,
a fantastic convenience for site owners.
http://contentseed.com/
--

Thomas is correct the form components rely upon the webbot being present

to retrieve the email address etc.

 

[Tina Clarke]

Test either addin by using The willmaster test...

http://willmaster.com/possibilities/demo/RetrieveEmails.cgi

For those that need an accessible method of contact ...

you can try adding <code>@</code> around the @ sign in your email make sure
the text is not clickable, this 'at the present time' passes the willmaster
test and 'hides' your email addy. There is also the backwards css method,
however a reader would have trouble with that?? also .. add a title
attrubute to tell the user what to do to the text .. ie copy and paste to an
email editor post. ... Or you might want to use a d tag next to the js email
addy instead...then your covering both methods I'll be switching to this
myself.

Alternatively make sure your forms are accessible, well in either case...

This is a free addon.

http://www.hisoftware.com/access/valueadd9.html

The HiSoftware Accessible Form Creator allows you to create forms for web
sites containing all the additional markup required to make the forms
accessible under Section 508 standards and the W3C WCAG 1.0 Priority 1-3
Guidelines.

The HiSoftware Accessible Form Creator is intended to make creating
accessible forms easy, regardless of the skill of the developer. It is
designed for creating accessible HTML code related to the design,
appearance, accessibility and usability for the form. From there, a web
developer can then code the back-end functionality of the form, whether CGI
programs, FrontPage Extensions or other methods are used to get the form to
perform its actions. Please review the documentation for your web editing
programs, web server and other web technology you are using in order to
complete these "back-end" configurations.

Another frontpage addon that deals with forms .. cgi asp php .... is
Quask.com FormArtist it has a lite free version.

I wrote an article about the sp*am addy problem .. but it needs updating....
http://accessfp.net/protect-your-email-address.htm

hope this helps.

Tina

 

[Jim Cheshire \(JIMCO\)]

Test either addin by using The willmaster test...

http://willmaster.com/possibilities/demo/RetrieveEmails.cgi

Good tip, Tina! Anyone care to test Spam Spoiler with this? I did, and it
finds no e-mail addresses. Just check out this URL:

http://www.jimcoaddins.com/contactus.aspx

If you look, you'll see that I do have a link on that page to e-mail me.
However, enter it into this Willmaster tool, and it finds nothing.

--
Jim Cheshire
JIMCO
http://www.jimcoaddins.com

Check out Spam Spoiler, our new add-in!
Add e-mail links to your Web site again
without fear of spammers!