By John Gruber
Shaker & Spoon: A monthly cocktail box delivering original recipes plus all you need to make them!
Dan Benjamin has launched Hiveware, purveyors of fine software. Their first project is Enkoder, an update to Mr. Benjamin’s previous Hivelogic Email Address Encoder. You can tell that the new Enkoder is better and more fun, because its name is spelled with a k.
The Enkoder is available in three forms, all free of charge:
It is natural and convenient to use
mailto links in web pages so that readers can send you email. The problem, however, is that spammers have written spidering programs that crawl the web, looking for email addresses. If you put an address on a web page in plain text, soon thereafter you will begin receiving spam at that address.
A rudimentary defense is to use HTML entities to encode your address. This was the mechanism we previously applied here at Daring Fireball. For example, instead of using the letter “c”, you instead use the decimal entity “
c” or the hexadecimal entity “
c”. Repeat for every character in your address and your address will be protected from many spam harvesters.
Many, not all.
The problem with this technique is that it isn’t very hard at all to write a spam harvesting spider that can decode HTML entities. A few lines of Perl will do it.
We’re using it here at Daring Fireball. We recommend you do the same.