php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #18689 php.net is getting trawled by spammers (yawn)
Submitted: 2002-08-01 13:10 UTC Modified: 2002-10-22 09:39 UTC
Votes:4
Avg. Score:3.0 ± 1.2
Reproduced:2 of 3 (66.7%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: phpbug at botanicus dot net Assigned:
Status: Closed Package: Website problem
PHP Version: 4.2.2 OS: l00n1x
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: phpbug at botanicus dot net
New email:
PHP Version: OS:

 

 [2002-08-01 13:10 UTC] phpbug at botanicus dot net 
I use throwaway addresses for everything I submit to, and I got a spam mail to
an address I used to report a (closed) PHP bug with.  The solution? Obfuscate
e-mails addresses on-site or hide them.

Received: from 195.53.199.151 ([195.53.199.151])
   by newjack.dahomelands.net (8.12.4/8.11.6) with SMTP id g71DPtqo029643
   for <phpbug@botanicus.net>; Thu, 1 Aug 2002 13:25:58 GMT
   (envelope-from Success@Microsoft.com)
Message-Id: <200208011325.g71DPtqo029643@newjack.dahomelands.net>
From: CEO of Internet Marketing <Success@Microsoft.com>
To: phpbug@botanicus.net
Cc:
Subject: EARN $ 100,000+/YEAR SENDING E-MAIL !
Sender: CEO of Internet Marketing <Success@Microsoft.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Date: Thu, 1 Aug 2002 08:27:47 -0400
X-Mailer: Microsoft Outlook Build 10.0.2616
X-Priority: 1


Please, dont suggest "use a spam filter", or any other such bad solutions, just
stop leaking addresses. Maybe one day the Internet will be a place where e-mail
addresses are safe in the wild again, maybe not..


Dave.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-08-01 13:29 UTC] goba@php.net 
So what method do you suggest us to obfuscate? All the common ones are known by email harvesters...
 [2002-08-02 10:49 UTC] sander@php.net 
We can use gd and embed the e-mail addresses in images... although it's easy, it's quite cpu intensive...
 [2002-08-02 11:07 UTC] goba@php.net 
And it would complicate the mirroring process...
 [2002-08-02 11:38 UTC] kalowsky@php.net 
I don't see how this is a PHP website issue.  this happens anywhere/everywhere you may post an email address.  If you wish to obfuscate your email, that is upto you.
 [2002-08-02 12:21 UTC] sander@php.net 
AFAIK, we're talking only about the bugsystem, not about the annotation system or something else... 
The bugsystems relies on valid email addresses... IMO this is indeed a php.net website problem. Reopening.
(BTW: the bugsystem doesn't get mirrored so that's not a problem)
 [2002-08-11 08:19 UTC] mfischer@php.net 
What about using a table to display the address?

<table><tr><td>user</td><td>randomobfuscate</td><td>domain.tld</td></tr></table>

Btw, I like the image idea. But it doesn't have to be that cpu intensive, we could cache the images (create a md5 sum of the email address which acts as a filename or so).
 [2002-08-11 10:35 UTC] jacques@php.net 
We could use that function from the PHP manual which converts the email addresses displayed on the web in a similar format to:

  jacques at php dot net

I can grab the code from the phpweb and implement it here.
 [2002-08-11 10:44 UTC] goba@php.net 
AFAIK there is no such function. What you write in as your email address is directly used for user note printouts...
 [2002-08-11 11:31 UTC] jacques@php.net 
On the online user manual I see (http://www.php.net/manual/en/) at the bottom of that particular page there is:

  mj at php dot net

We can easily do using something like above using the following code snipbit:

  $name = str_replace(array("@", "."), array(" at ", " dot "), $name);

Maybe I'm going insane.  I've found it from my guestbook code *G*
 [2002-10-22 08:42 UTC] madsen at sjovedyr dot dk 
I don't see any problems in using obfuscated adresses, but don't make too much of an issue out of it...

Why not just use something like the <table>-idea?

The crawlers are scanning the HTML for adresses, and most of them won't find anything if it looks like this: someone<!-- bla -->@<!-- bla again -->example.com
 [2002-10-22 09:39 UTC] goba@php.net 
The "obfuscation" used currently is IMHO OK as is. I don't think so, that too much people would like to ask questions from those submitters.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Sep 28 23:01:27 2024 UTC