E-mail List Archives

Thread: obfuscating email addresses

for

Number of posts in this thread: 6 (In chronological order)

From: Jeremy Merritt
Date: Thu, Feb 19 2015 11:23AM
Subject: obfuscating email addresses
No previous message | Next message →

Hello!

I have been asked to look into ways to obfuscate email addresses made available online so that automated bots and email harvesters have a more difficult time collecting. I realize that obfuscating email addresses is a controversial subject and is not foolproof, but alas I have been tasked with coming up with some recommendations.

It is important to us that any solution does not make email addresses inaccessible to legitimate users. I've read a number of (old) articles on methods to obfuscate email addresses, such as http://doteduguru.com/id415-e-mail-obfuscation.html . In this blog, the author suggests that some simple (and reportedly effective) methodologies make the email addresses inaccessible to users of screen readers. However, in my testing using the current (trial) version of JAWS, I haven't found this to be the case.

I put 4 email addresses up on a simple web page at http://wiu.edu/users/mujtm6/spam/ and was able to hear the correct email addresses when I tested the site in JAWS. Each of these email addresses uses a different method for "obfuscating" the email in some way. The pertinent source code is below. As I am not a very savvy screen reader user, I would like some feedback from some of you that are more familiar. Do any of these cause accessibility problems?


[CODE BELOW]

<ul>
<li><span class="nospam"><span class="u">william</span><span class="at">@</span><span class="d">domain.com</span></span></li>
<li>john<span style="display:none;">bogus</span> = EMAIL ADDRESS REMOVED = </li>
<li>robert&#64;domain&#46;com</li>
<li>sally@<!--bogus-->domain.com </li>
</ul>

[END CODE]


Best,

Jeremy

From: Wloch, Rob
Date: Thu, Feb 19 2015 2:03PM
Subject: Re: obfuscating email addresses
← Previous message | Next message →

Hi Jeremy,

I listened to your 4 email addresses using the NVDA screen reader and heard them all correctly too.

Thanks, Rob.

-----Original Message-----
From: = EMAIL ADDRESS REMOVED = [mailto: = EMAIL ADDRESS REMOVED = ] On Behalf Of Jeremy Merritt
Sent: February 19, 2015 1:24 PM
To: = EMAIL ADDRESS REMOVED =
Subject: [WebAIM] obfuscating email addresses

Hello!

I have been asked to look into ways to obfuscate email addresses made available online so that automated bots and email harvesters have a more difficult time collecting. I realize that obfuscating email addresses is a controversial subject and is not foolproof, but alas I have been tasked with coming up with some recommendations.

It is important to us that any solution does not make email addresses inaccessible to legitimate users. I've read a number of (old) articles on methods to obfuscate email addresses, such as http://doteduguru.com/id415-e-mail-obfuscation.html . In this blog, the author suggests that some simple (and reportedly effective) methodologies make the email addresses inaccessible to users of screen readers. However, in my testing using the current (trial) version of JAWS, I haven't found this to be the case.

I put 4 email addresses up on a simple web page at http://wiu.edu/users/mujtm6/spam/ and was able to hear the correct email addresses when I tested the site in JAWS. Each of these email addresses uses a different method for "obfuscating" the email in some way. The pertinent source code is below. As I am not a very savvy screen reader user, I would like some feedback from some of you that are more familiar. Do any of these cause accessibility problems?


[CODE BELOW]

<ul>
<li><span class="nospam"><span class="u">william</span><span class="at">@</span><span class="d">domain.com</span></span></li>
<li>john<span style="display:none;">bogus</span> = EMAIL ADDRESS REMOVED = </li>
<li>robert&#64;domain&#46;com</li>
<li>sally@<!--bogus-->domain.com </li>
</ul>

[END CODE]


Best,

Jeremy

From: _mallory
Date: Fri, Feb 20 2015 3:21AM
Subject: Re: obfuscating email addresses
← Previous message | Next message →

On Thu, Feb 19, 2015 at 12:23:55PM -0600, Jeremy Merritt wrote:
> <li>robert&#64;domain&#46;com</li>

The entity version should always be exactly as accessible as no-entities.
Browsers do the work of turning these into characters, long before any
AT gets ahold of them.
Then again, if a browser can do it, a bot can too. Just seems most don't
bother.

_mallory

From: Patrick H. Lauke
Date: Fri, Feb 20 2015 4:44AM
Subject: Re: obfuscating email addresses
← Previous message | Next message →

On 20/02/2015 10:21, _mallory wrote:
> On Thu, Feb 19, 2015 at 12:23:55PM -0600, Jeremy Merritt wrote:
>> <li>robert&#64;domain&#46;com</li>
>
> The entity version should always be exactly as accessible as no-entities.
> Browsers do the work of turning these into characters, long before any
> AT gets ahold of them.
> Then again, if a browser can do it, a bot can too. Just seems most don't
> bother.

Once they do, instead of trying to find another solution, I'd say the
longer-term advice is to invest in some good mail-server-side anti-spam
solutions instead, but maybe that's just me.

P
--
Patrick H. Lauke

www.splintered.co.uk | https://github.com/patrickhlauke
http://flickr.com/photos/redux/ | http://redux.deviantart.com
twitter: @patrick_h_lauke | skype: patrick_h_lauke

From: Sawyer, Tamara (MMB)
Date: Fri, Feb 20 2015 8:11AM
Subject: Re: obfuscating email addresses
← Previous message | Next message →

I listened to the four email addresses using both JAWS and NVDA, and heard them all correctly. Hope that helps!

Tamara

TAMARA SAWYER | INFORMATION OFFICER | MANAGEMENT SERVICES DIVISION
MINNESOTA MANAGEMENT & BUDGET
651.259.3792 | = EMAIL ADDRESS REMOVED = | MN.GOV/MMB




-----Original Message-----
From: Jeremy Merritt [mailto: = EMAIL ADDRESS REMOVED = ]
Sent: Thursday, February 19, 2015 12:24 PM
To: = EMAIL ADDRESS REMOVED =
Subject: [WebAIM] obfuscating email addresses

Hello!

I have been asked to look into ways to obfuscate email addresses made available online so that automated bots and email harvesters have a more difficult time collecting. I realize that obfuscating email addresses is a controversial subject and is not foolproof, but alas I have been tasked with coming up with some recommendations.

It is important to us that any solution does not make email addresses inaccessible to legitimate users. I've read a number of (old) articles on methods to obfuscate email addresses, such as http://doteduguru.com/id415-e-mail-obfuscation.html . In this blog, the author suggests that some simple (and reportedly effective) methodologies make the email addresses inaccessible to users of screen readers. However, in my testing using the current (trial) version of JAWS, I haven't found this to be the case.

I put 4 email addresses up on a simple web page at http://wiu.edu/users/mujtm6/spam/ and was able to hear the correct email addresses when I tested the site in JAWS. Each of these email addresses uses a different method for "obfuscating" the email in some way. The pertinent source code is below. As I am not a very savvy screen reader user, I would like some feedback from some of you that are more familiar. Do any of these cause accessibility problems?


[CODE BELOW]

<ul>
<li><span class="nospam"><span class="u">william</span><span class="at">@</span><span class="d">domain.com</span></span></li>
<li>john<span style="display:none;">bogus</span> = EMAIL ADDRESS REMOVED = </li>
<li>robert&#64;domain&#46;com</li>
<li>sally@<!--bogus-->domain.com </li>
</ul>

[END CODE]


Best,

Jeremy

From: Scott González
Date: Fri, Feb 20 2015 9:00AM
Subject: Re: obfuscating email addresses
← Previous message | No next message

GitHub just encodes every character and I don't think they've had any
issues with bots. Here's what the code for my email address looks like on
their site:

<a class="email" href="
mailto:&#x73;&#x63;&#x6f;&#x74;&#x74;&#x2e;&#x67;&#x6f;&#x6e;&#x7a;&#x61;&#x6c;&#x65;&#x7a;&#x40;&#x67;&#x6d;&#x61;&#x69;&#x6c;&#x2e;&#x63;&#x6f;&#x6d;
< = EMAIL ADDRESS REMOVED = >">
&#x73;&#x63;&#x6f;&#x74;&#x74;&#x2e;&#x67;&#x6f;&#x6e;&#x7a;&#x61;&#x6c;&#x65;&#x7a;&#x40;&#x67;&#x6d;&#x61;&#x69;&#x6c;&#x2e;&#x63;&#x6f;&#x6d;
</a>

On Thu, Feb 19, 2015 at 1:23 PM, Jeremy Merritt < = EMAIL ADDRESS REMOVED = > wrote:

> Hello!
>
> I have been asked to look into ways to obfuscate email addresses made
> available online so that automated bots and email harvesters have a more
> difficult time collecting. I realize that obfuscating email addresses is a
> controversial subject and is not foolproof, but alas I have been tasked
> with coming up with some recommendations.
>
> It is important to us that any solution does not make email addresses
> inaccessible to legitimate users. I've read a number of (old) articles on
> methods to obfuscate email addresses, such as
> http://doteduguru.com/id415-e-mail-obfuscation.html . In this blog, the
> author suggests that some simple (and reportedly effective) methodologies
> make the email addresses inaccessible to users of screen readers. However,
> in my testing using the current (trial) version of JAWS, I haven't found
> this to be the case.
>
> I put 4 email addresses up on a simple web page at
> http://wiu.edu/users/mujtm6/spam/ and was able to hear the correct email
> addresses when I tested the site in JAWS. Each of these email addresses
> uses a different method for "obfuscating" the email in some way. The
> pertinent source code is below. As I am not a very savvy screen reader
> user, I would like some feedback from some of you that are more familiar.
> Do any of these cause accessibility problems?
>
>
> [CODE BELOW]
>
> <ul>
> <li><span class="nospam"><span class="u">william</span><span
> class="at">@</span><span class="d">domain.com</span></span></li>
> <li>john<span style="display:none;">bogus</span> = EMAIL ADDRESS REMOVED = </li>
> <li>robert&#64;domain&#46;com</li>
> <li>sally@<!--bogus-->domain.com </li>
> </ul>
>
> [END CODE]
>
>
> Best,
>
> Jeremy
> > > >