Zarma's Email AntiLeech

Email AntiLeech
© 2002 by Frédéric Andrieux de Zarma

Why using this script ?
As mass marketing, multi-level marketing (MLM) and SPAMming are growing out of control, people tend to use softwares to steal email addresses from all sites big and small. These softwares are working like robots and browse your entire site, grabbing everything looking like an email address. As a result, your visitors get dozens of unsolicited emails in their box... most being porn or similar offensive content - not very wise when your children are using the same computer -, some being infected with a virus and the rest being pure junk marketing.
Though not as secure as a CGI mailing form, this very simple yet original script will prevent any software from finding a single email address on your pages... More, it can trace the culprit !

What it does...
Basically, it replaces a chosen string by @ in any coded address it processes then it launches the client email software with the proper (decoded) address.

How it works...
First, you need to insert the following code into your pages:
  <script language="javascript"> function zarma_antileech (zarma_tmp_address) { zarma_tmp_address = zarma_tmp_address.split("*"); // You may change * for any string zarma_tmp_address = zarma_tmp_address.join("@"); window.open ('mailto:'+zarma_tmp_address,'_blank'); } </script> 
If you wish to make it more difficult for a programmer to build a script that would automatically read * as @, just modify the following line:
address = address.split("*");
and replace the * with any string of your choice without spaces, remembering to start and end it with anything but a letter, a number, an underscore, an hyphen or a dot (e.g. *noleech* or :-) would work when *no leech* or ;-P would not).

If you use SSI on your site for banners, menus, header or whatever, just add the script to the existing file and... voilà... you have it on all pages. It is better to place it within your <HEAD></HEAD> tags or just after the <BODY> opening tag if you want to avoid all JavaScript error messages.

Then you need to replace @ in all email addresses with the string or the sign you set previously and replace all usual:
<a href="mailto:my_address@my_site.com>
with the new syntax:
<a href="javascript://" onClick="sendmail('my_address*my_site.com');return false">
In this example, * is used as the sign set.

Of course, if you have a BBS, a forum, a directory or any automated page displaying emails, you can very easily modify the related script to make it display the modified email addresses and the new <a> tag automatically.
Remember to avoid placing the actual email address as the link:
<a href="javascript://" onClick="sendmail('my_address*my_site.com');return false">my_address@my_site.com</a>
would make the script useless... Instead, use a sentence, a name or an icon.

FUNNY TIP: if you want to trace the people who use a grabbing software on your site, set the string to (spam@my_domain.com) where spam@my_domain.com is to be replaced with a specific email account of your own, created ONLY for receiving SPAMmers messages. The email tags will then look like:
<a href="javascript://" onClick="sendmail('john(spam@my_domain.com)realsite.com');return false">
and the software will only grab "spam@mydomain.com" as a valid email address. When the person will send his mass marketing, you will receive it in your dedicated SPAMmers email account and know that the sender used a software to steal emails from your site.
You should then send a complaint to his ISP in order to have his account closed... just be mean for once...

Here you go... you now have all information needed to secure your site. Let the grabbers-hunting begin !

Working example: click to send an email to Frédéric Andrieux de Zarma (this will be sent to nowhere)

A large use of the script can be seen all through ArTatoO! (http://www.artatoo.com)... try the catalog or artists galleries.


	©1997-2004 by Frédéric Andrieux de Zarma - All Rights Reserved