UCE (unsolicited commercial e-mail), which grew to comprise 40 percent of all e-mail last December, according to filtering
service Brightmail.com, is on track to become the majority of all e-mail messages sent worldwide this year.
Thousands of words have been written on this subject, and I won't repeat them here. Instead, my object today is to help you
protect the customer-service e-mail addresses you post on your site from being "harvested" by UCE professionals or "spammers."
How do spam pros get addresses from your site?
1. Inexpensive "harvesting" programs search the Web looking for anything that contains an "at" sign, as all e-mail addresses
do.
2. Spammers use "dictionary attacks" to find valid addresses in large companies. On average, 30 percent of corporations' e-mail
server capacity -- totaling about half of all attempted e-mail connections -- is currently being consumed by robots probing
for addresses, according to spam-fighter Postini.com.
Despite this exposure, it's pretty hard for an e-business to exclude e-mail addresses from its pages:
1. E-mail is usually a far cheaper means of customer support than using toll-free numbers (although many e-commerce sites
use both).
2. Input forms and "contact pages" provide some defense against harvesters, but you still need to make some addresses visible
for customers who might wish to contact you at a later time.
I faced these problems myself when I was developing a "contact page" for my new Web site, BriansBuzz.com. The solution I adopted
allows visitors to (a) write down an address for later use, (b) click a link to create a new message on the spot, or (c) use
an input form. See: http://www.BriansBuzz.com/w/contact
1. My contact address is visible in the text, but with its punctuation spelled out: person "AT" BriansBuzz "DOT" com. While most humans can easily understand this pattern, it confuses most (but not all) of today's harvesting programs.
What makes this technique foolproof is that visitors are told to add "help" or "tip" to the subject line of their message.
This is an instruction no robot could ever comprehend.
2. Clicking the address starts a new message in whatever e-mail program the visitor may have. My address and the required
keyword automatically appear in the To and Subject lines. To keep harvesters from simply reading my address from the page's HTML, the link is driven by a script
that assembles the address without it appearing in the code. Some harvesters can read scripts, but they would never devote
the time to parsing such code -- it's far faster just to move on to sites where addresses are in plain view.
3. Finally, an input form takes comments from visitors who don't wish to use their own e-mail client. They may be using an
Internet cafe or a friend's PC that doesn't have their preferred program. Forms such as this are relatively safe from harvesters,
because robots can't decipher the code behind the form.
I'm not completely satisfied with the security of this system, but it's far better than nothing. Since my public e-mail address
has been available through InfoWorld for years, I've seen how much spam comes to addresses that are visible in plain text.
Send me the techniques you've found the most reliable to "cloak" your addresses from harvesters. I'll share the best tips
in a future issue, and send a gift certificate to the readers whose comments I print. Send e-mail to mailto:Brian@BriansBuzz.com,
with "tip" in the subject.
- - - - - - - - - - - - - - - - - - - - - - - - - - -
LIVINGSTON'S TOP 10 NEWS PICKS O' THE WEEK
1. E-businesses indicted for selling roach clips and paraphernalia: http://www.internetnews.com@5a0.tc/449
2. Companies experience 30 Internet attacks a week on average: http://www.datamonitor.com@3n.be/831
3. New directories help you find Internet cafes as you travel: http://www.searchenginewatch.com@1c.to/c19
4. Salon.com and its 53,000 subscribers aren't going away without a fight: http://www.salon.com@e.la/1001
5. Diplomat allegedly slain by victim of the Nigerian e-mail scam: http://www.wired.com@31.dk/13e9
6. Low-cost content management systems for Web sites reviewed: http://www.imagingmagazine.com@836.as/17d1
7. XML authoring tools to handle your content are compared: http://www.imagingmagazine.com@a6r.ms/1bb9
8. The pros and cons of building your data exchange on SOAP vs. .Net: http://www.builder.com@th.gs/1fa1
9. Wow! Some HTML tricks your mother never taught you: http://www.webdevelopersjournal.com@54.vg/2389
10. Can't find kitty? Push this button and your cat beeps: http://curtiselectro.homestead.com@a2.tc/2771
- - - - - - - - - - - - - - - - - - - - - - - - - - -
WACKY WEB WEEK: SIGNS OF PREPAREDNESS
I hope you've been paying careful attention to those in charge of
America
's homeland security, who've done their best to inform everyone how duct tape can protect you from a biological-weapon attack.
Now the Internet has been employed in this educational effort, with an entire Ready.gov site full of informative, Euro-style
signage to help you remember important safety tips. I especially like the official placard that means, "If you're driving
when you see a nuclear explosion, pull over to the side of the road." Additional and enhanced information is contributed by
Yayhooray.com, which has developed fresh commentary to go with each sign. I laughed until I cried. See: http://www.yayhooray.com@n6.be/c3b1
- - - - - - - - - - - - - - - - - - - - - - - - - - -
ABOUT THE AUTHOR: Brian Livingston is publisher of http://www.BriansBuzz.com. Research Director is Vickie Stevens. Brian has
published 10 books, including:
Windows Me Secrets: http://www.amazon.com@isbn.at/0764534939
Windows 2000 Secrets: http://www.amazon.com@isbn.at/0764534130
You'll receive a gift certificate good for a book, CD, or DVD of your choice if you're the first to send Brian a Top Story
or Wacky Web Week he prints. Send tips to mailto:Brian@BriansBuzz.com with "tip" in the subject line.
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
