CastleCops® Publishing email addresses

Need help? Click here to register for free! Absolutely zero advertisements on this site!

**$9736.22 of $21422.68**

Help CastleCops serve the community on new servers, Donate Here to reach our goal.

	Donation/Premium

	Donations. Become Premium Today!

	Security Central

	· Home · PIRT/Fried Phish · MIRT · SIRT · Deutsch · Wiki · Newsletter · O16/ActiveX · CLSID List · Contest2007 · Downloads · Feedback (send) · Forums · HijackThis · Hijacktrend · LSPs · My Downloads · O18 · O20 · O21 · O22 · O23 · O9 · Premium · Private Messages · Proxomitron · Reviews · Search · StartupList · Stories Archive · Submit News · WsIRT · Your Account · Acceptable Use Policy

Survey

Forum FAQ

Usergroups

Profile

Select FavForums

Publishing email addresses

All -> FavForums -> General Site

[del.icio.us!] [digg it!] [reddit!]

View previous topic :: View next topic

Author

Message

pwillener

SRT Trainee

Premium Member

Joined: Apr 17, 2006
Posts: 1665
Location: Japan

Posted: Sat Apr 12, 2008 8:43 am Post subject: Publishing email addresses

I think this forum should not publish email addresses, i.e. should not make them available to harvesting bots.

Currently email addresses are prefixed with 'mailto:', which makes them clickable, but also highly findable for harvesting bots. But even without that prefix, unmunged email addresses can be easily found and harvested.

Many forum regulars manually mung email addresses, but I think this task should not rest with the poster, but with the forum software.

What I propose: the forum software should automatically mung email addresses when found. At the same time it should be visibly marked as munged, and also posted in a way so that forum members can still copy and paste it.

A suggestion how to achieve this

Code:

[i][color=orange]name[/color][color=orange]@[/color][color=orange]domain[/color][color=orange].[/color][color=orange]tld[/color][/i]

This address would be published as name@domain.tld; it can be copied by forum users, but highly unlikely be spotted by bots.

I know this is probably not as easy to implement as I think it is; i.e. what to do if someone quotes a post with a munged email address - would it/should it appear plain unmunged, then be munged again when posted?

Paul

CastleCops Founder

Joined: Feb 22, 2002
Posts: 27351

Posted: Sat Apr 12, 2008 5:29 pm Post subject:

Good suggestion. _________________ Paul Laudanski - http://www.laudanski.com http://www.linkedin.com/pub/1/49a/17b

Ikeb

Special Response Team
Forums Admin

Joined: Apr 20, 2003
Posts: 16483

Posted: Sat Apr 12, 2008 6:02 pm Post subject:

Pat, if you could locate a phpBB mod, it would make life so much easier....

_________________

CastleCopsWiki

pwillener

SRT Trainee

Premium Member

Joined: Apr 17, 2006
Posts: 1665
Location: Japan

Posted: Mon Apr 14, 2008 4:05 am Post subject:

I think I found something: http://www.phpbb.com/community/viewtopic.php?f=94&t=238602 (Posted email JS; using JavaScript to hide addresses from bots). I wonder what will happen to users who have JS disabled on their browser; will they not be able to see a posted email address?

	All -> FavForums -> General Site	All times are GMT
Page 1 of 1

You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


	2002-2008 � Computer Cops LLC dba CastleCops®. All rights reserved. Acceptable Use Policy. Use signifies your agreement. 113ppm 4.944s (4.352s) Making cybercriminals unhappy since 2002*