|
Bloggers and Web site owners use many different tricks to curtail having their contact information
harvested by spam bots while still making it easily available to humans. Spam bots are a spin-off of the same sort of automated
programs used by search engines, which are called spiders because they crawl the Web gathering information about site pages. The
spiders collect data primarily from meta tags in the page’s code. These include the description and keywords meta tags. Spam bots,
on the other hand, look through the page’s code in search of terms like “mailto” or the “@” symbol. These are dead giveaways that an
email address is contained in that part of the code.
The simplest way to foil a spam bot is to create a string of characters that will confuse the bot but be
intelligible to a human reader. For example, the email address me@mysite.com can be rewritten as me (at) mysite [dot] com. This keeps
the bot from simply copying any useful data directly. A special programming language like Javascript can be used to make a similar string
inside the code. As the script is processed, it strips out the extra characters and only displays the email address to the viewer. This makes
the code unintelligible to the bot, but appears normally to the viewer. One such service that stays a step ahead of the bots is
The Enkoder Form from Hivelogic.
Adding extraneous characters slowed down spam for a while, but bots have
become smarter too and can sometimes tease out the actual email address from the simple strings. Most blog templates, such as those used on Blogger,
allow HTML and Javascript code to be inserted in a widget that will appear in the sidebar. One of the best ways you can protect your email address
is to have it hidden in a string that will appear normally to the viewer, as mentioned above. It’s not 100% foolproof, but will certainly diminish
your spam.
A new trick to protect contact forms on Web sites was created by folks at IBM and is called CAPTCHA, which is an
acronym that stands for “Completely Automated Public
Turing test to tell Computers and Humans Apart." It displays a random image of mangled words
or numbers that a bot cannot read but a human can. When the viewer types in the correct words, the form is processed and sent to the owner.
Advancements in image recognition software are making it possible for bots to now read these words. This means that CAPTCHA will eventually fail
as a foolproof method to stop the harvesting of email addresses.
The latest twists on random word image CAPTCHA methods are simple math questions such as “2 + 3 = ?” where the viewer
fills in the blank, and a series of dog and cat images where the viewer is asked to select only the cats. These methods are still proving to be
problematic for many bots, but eventually the math code will be decipherable. It will take longer for the bots to figure out how to deal with the
cats and dogs.
Another way to protect an email address on a contact form is to hire a programmer who is fluent in the PHP and/or the
Javascript languages and can create special code that will validate the fields in the form. Usually this method double checks to ensure a viewer
includes critical information such as their name or email address before processing the form. Bots don’t tend to leave any fields empty because the
form may not process properly without them. A coder can insert a field that is hidden from a human viewer and then check to see if a bot filled it with
information. Since the human couldn’t fill in a field they couldn’t see, the form is not processed because a bot likely supplied the information in the hidden field.
For bloggers, even if you protect your email address by using code in a widget, it could still be showing up in ways you might not be aware.
For instance, if you offer an RSS feed for your posts, your email address may be displayed in the author section of the feed just below the title. You won’t see this
on your actual post, just on the feed. It is being provided from your profile information. If you have a Blogger account, it’s easy to check the information in your
profile. Instructions follow below, but there’s something to keep in mind about using this method.
It will remove your email address from your RSS feed and will display the following by line information: “by noreply@blogger.com
(your name)”, where “your name” is the display name you chose in your profile. Electing to not display your email address will also remove it from your
profile information that is publicly displayed. This means that if your blog page is your only Web presence, you will need to display your contact information
in the sidebar. If your blog is a supplement to a Web site, then you can simply include your site URL in your profile as well as a link to the site URL in the
sidebar. This will direct folks to the contact form on your site where you have better anti-spam security.
To check your profile information on Blogger, do the following:
- Log in to your Blogger account.
- From the Dashboard, in the left corner, click “Edit Profile”.
- In the “Privacy” section, ensure the box for “show my email address” is unchecked.
- You do not need to make any changes to the email address you have listed in the “Identity” section.
- Click the “Save Profile” button at the bottom of the page.
Another important thing to keep in mind is that if your current email address is already being deluged with spam, these
methods won’t stop spammers who already have it from sending you more unwanted emails. If you decide to use one of the tricks listed here, you’ll want
to do it on a new email address.
No matter what method you use to curtail spam, the bot creators are continually improving their methods to gain access to your email
address. It’s likely that you will need to update your method of protection every two years or less.
|
