我如何使用PHP来混淆电子邮件地址,以免被垃圾邮件发送者收集? [重复]

时间:2021-01-29 18:13:37

I'm programming in PHP and would like to create web pages which have email addresses that are easily read by humans but not easily harvested by spammers. The email addresses are coming from user input, and I think I can identify an address by using a regular expression, but I'm not clear exactly how I should replace the email addresses or with what, in order to keep most automated spam bots from harvesting them.

我正在使用PHP进行编程,并且希望创建具有电子邮件地址的网页,这些电子邮件地址很容易被人类阅读但不容易被垃圾邮件发送者收集。电子邮件地址来自用户输入,我想我可以通过使用正则表达式识别地址,但我不清楚我应该如何更换电子邮件地址或用什么,以便保留大多数自动垃圾邮件机器人收获它们。

Here's one idea: (pseudo code)

这是一个想法:(伪代码)

(email)@(domain.com) $1<span class="remove">DELETE</span>$2

.remove {
   display: none;
}

Hopefully the bot will trip up on the span tag.

希望机器人能够在span标签上绊倒。

Finally, I'm looking for a solution that will not disturb email addresses that are inside of mailto: tags.

最后,我正在寻找一种不会干扰mailto:标签内的电子邮件地址的解决方案。

Duplicate of How can I prevent prevent bots from collecting e-mail addresses? which is duplicate of What are some ways to protect emails on websites from spambots? and maybe some others...

重复如何防止机器人收集电子邮件地址?这是什么方法来保护垃圾邮件网站上的电子邮件?也许还有其他一些......

4 个解决方案

#1


You can obfuscate it using CSS as well...

您也可以使用CSS对其进行模糊处理......

<span class="email-encrypt">moc.liamelgoog@avynnib<span class="email-decrypt-message">(Reverse this text to get my Email address)</span></span>

/*Decrypt Email */
.email-encrypt {
    unicode-bidi:bidi-override;
    direction: rtl;
}
.email-encrypt .email-decrypt-message {
    display:none;
}

Edit: Here, the email address in the source is in reverse - what the CSS statements does is that it reverts the email address to its original form. I hope that makes sense.

编辑:这里,源中的电子邮件地址是相反的 - CSS语句的作用是将电子邮件地址恢复为原始格式。我希望这是有道理的。

But I am not sure how effective this is - there are many bots who simulate a browser environment. I think I am better of saying something like - my email is binnyva, googlemail.

但我不确定这是多么有效 - 有很多机器人模拟浏览器环境。我想我最好说些什么 - 我的电子邮件是binnyva,googlemail。

#2


Use GD and create image of your Email ID

You can use the PHP GD library to easily create an image of any given text.

您可以使用PHP GD库轻松创建任何给定文本的图像。

A sample code will look like,

示例代码看起来像,

<?php
  header("Content-type: image/png");
  $im = @imagecreate(110, 20)or die("Cannot Initialize new GD image stream");
  $background_color = imagecolorallocate($im, 0, 0, 0);
  $text_color = imagecolorallocate($im, 255, 255, 255);
  imagestring($im, 1, 5, 5,  "anything@domain.com", $text_color);
  imagepng($im);
  imagedestroy($im);
?>

Advantages:

  • Spammers can't just capture it, unless they use an OCR :p
  • 垃圾邮件发送者不能只捕获它,除非他们使用OCR:p

  • Very low overhead, using PNG/GIF format
  • 开销非常低,使用PNG / GIF格式

  • Can be created on the fly for any text
  • 可以动态创建任何文本

Disadvantages:

  • Cannot click on the mail, as a link
  • 无法点击邮件,作为链接

  • Won't work with TTS engines, a -ve for the visually challenged.
  • 不适用于TTS引擎,对于视觉上的挑战。

#3


one option: javascript email obfuscation, and images when javascript was disabled

一个选项:javascript电子邮件混淆,以及禁用javascript时的图像

#4


The above trick (using CSS) would almost certainly not work. I don't know whether bots bother looking at CSS at all, in fact I'm not completely sure that they read HTML, they probably just match the whole page on some regex's.

上面的技巧(使用CSS)几乎肯定不起作用。我不知道机器人是否总是在考虑CSS,实际上我并不完全确定他们会阅读HTML,他们可能只是匹配整个页面上的一些正则表达式。

On the other hand, this makes poisioning their lists with spamtraps quite easy. If you want a particular address to receive spam (and spam only) to train your filters, you can put email addresses in the page which normal users won't be able to see or click on, only spam bots.

另一方面,这使得他们的列表与垃圾邮件陷阱相当容易。如果您希望特定地址接收垃圾邮件(以及仅限垃圾邮件)来训练您的过滤器,您可以将电子邮件地址放在普通用户无法看到或点击的页面中,只有垃圾邮件机器人。

In fact, do an experiment - write a number of different email addresses with different types of link, and see how many spams they get.

事实上,做一个实验 - 用不同类型的链接编写许多不同的电子邮件地址,并查看他们获得了多少垃圾邮件。

I tried it a few months ago with a normal link on my web site, it took about three weeks before the trap started receiving spam.

我几个月前在我的网站上使用了一个正常的链接尝试了它,它在陷阱开始接收垃圾邮件之前花了大约三个星期。

#1


You can obfuscate it using CSS as well...

您也可以使用CSS对其进行模糊处理......

<span class="email-encrypt">moc.liamelgoog@avynnib<span class="email-decrypt-message">(Reverse this text to get my Email address)</span></span>

/*Decrypt Email */
.email-encrypt {
    unicode-bidi:bidi-override;
    direction: rtl;
}
.email-encrypt .email-decrypt-message {
    display:none;
}

Edit: Here, the email address in the source is in reverse - what the CSS statements does is that it reverts the email address to its original form. I hope that makes sense.

编辑:这里,源中的电子邮件地址是相反的 - CSS语句的作用是将电子邮件地址恢复为原始格式。我希望这是有道理的。

But I am not sure how effective this is - there are many bots who simulate a browser environment. I think I am better of saying something like - my email is binnyva, googlemail.

但我不确定这是多么有效 - 有很多机器人模拟浏览器环境。我想我最好说些什么 - 我的电子邮件是binnyva,googlemail。

#2


Use GD and create image of your Email ID

You can use the PHP GD library to easily create an image of any given text.

您可以使用PHP GD库轻松创建任何给定文本的图像。

A sample code will look like,

示例代码看起来像,

<?php
  header("Content-type: image/png");
  $im = @imagecreate(110, 20)or die("Cannot Initialize new GD image stream");
  $background_color = imagecolorallocate($im, 0, 0, 0);
  $text_color = imagecolorallocate($im, 255, 255, 255);
  imagestring($im, 1, 5, 5,  "anything@domain.com", $text_color);
  imagepng($im);
  imagedestroy($im);
?>

Advantages:

  • Spammers can't just capture it, unless they use an OCR :p
  • 垃圾邮件发送者不能只捕获它,除非他们使用OCR:p

  • Very low overhead, using PNG/GIF format
  • 开销非常低,使用PNG / GIF格式

  • Can be created on the fly for any text
  • 可以动态创建任何文本

Disadvantages:

  • Cannot click on the mail, as a link
  • 无法点击邮件,作为链接

  • Won't work with TTS engines, a -ve for the visually challenged.
  • 不适用于TTS引擎,对于视觉上的挑战。

#3


one option: javascript email obfuscation, and images when javascript was disabled

一个选项:javascript电子邮件混淆,以及禁用javascript时的图像

#4


The above trick (using CSS) would almost certainly not work. I don't know whether bots bother looking at CSS at all, in fact I'm not completely sure that they read HTML, they probably just match the whole page on some regex's.

上面的技巧(使用CSS)几乎肯定不起作用。我不知道机器人是否总是在考虑CSS,实际上我并不完全确定他们会阅读HTML,他们可能只是匹配整个页面上的一些正则表达式。

On the other hand, this makes poisioning their lists with spamtraps quite easy. If you want a particular address to receive spam (and spam only) to train your filters, you can put email addresses in the page which normal users won't be able to see or click on, only spam bots.

另一方面,这使得他们的列表与垃圾邮件陷阱相当容易。如果您希望特定地址接收垃圾邮件(以及仅限垃圾邮件)来训练您的过滤器,您可以将电子邮件地址放在普通用户无法看到或点击的页面中,只有垃圾邮件机器人。

In fact, do an experiment - write a number of different email addresses with different types of link, and see how many spams they get.

事实上,做一个实验 - 用不同类型的链接编写许多不同的电子邮件地址,并查看他们获得了多少垃圾邮件。

I tried it a few months ago with a normal link on my web site, it took about three weeks before the trap started receiving spam.

我几个月前在我的网站上使用了一个正常的链接尝试了它,它在陷阱开始接收垃圾邮件之前花了大约三个星期。