PHP :: Bug #18689 :: php.net is getting trawled by spammers (yawn)

Bug #18689

php.net is getting trawled by spammers (yawn)

Submitted:

2002-08-01 13:10 UTC

Modified:

2002-10-22 09:39 UTC

Votes:	4
Avg. Score:	3.0 ± 1.2
Reproduced:	2 of 3 (66.7%)
Same Version:	0 (0.0%)
Same OS:	0 (0.0%)

From:

phpbug at botanicus dot net

Assigned:

Status:

Closed

Package:

Website problem

PHP Version:

4.2.2

OS:

l00n1x

Private report:

CVE-ID:

None

View Add Comment Developer Edit

[2002-08-01 13:10 UTC] phpbug at botanicus dot net

I use throwaway addresses for everything I submit to, and I got a spam mail to
an address I used to report a (closed) PHP bug with.  The solution? Obfuscate
e-mails addresses on-site or hide them.

Received: from 195.53.199.151 ([195.53.199.151])
   by newjack.dahomelands.net (8.12.4/8.11.6) with SMTP id g71DPtqo029643
   for <phpbug@botanicus.net>; Thu, 1 Aug 2002 13:25:58 GMT
   (envelope-from Success@Microsoft.com)
Message-Id: <200208011325.g71DPtqo029643@newjack.dahomelands.net>
From: CEO of Internet Marketing <Success@Microsoft.com>
To: phpbug@botanicus.net
Cc:
Subject: EARN $ 100,000+/YEAR SENDING E-MAIL !
Sender: CEO of Internet Marketing <Success@Microsoft.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Date: Thu, 1 Aug 2002 08:27:47 -0400
X-Mailer: Microsoft Outlook Build 10.0.2616
X-Priority: 1


Please, dont suggest "use a spam filter", or any other such bad solutions, just
stop leaking addresses. Maybe one day the Internet will be a place where e-mail
addresses are safe in the wild again, maybe not..


Dave.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-08-01 13:29 UTC] goba@php.net

So what method do you suggest us to obfuscate? All the common ones are known by email harvesters...

[2002-08-02 10:49 UTC] sander@php.net

We can use gd and embed the e-mail addresses in images... although it's easy, it's quite cpu intensive...

[2002-08-02 11:07 UTC] goba@php.net

And it would complicate the mirroring process...

[2002-08-02 11:38 UTC] kalowsky@php.net

I don't see how this is a PHP website issue.  this happens anywhere/everywhere you may post an email address.  If you wish to obfuscate your email, that is upto you.

[2002-08-02 12:21 UTC] sander@php.net

AFAIK, we're talking only about the bugsystem, not about the annotation system or something else... 
The bugsystems relies on valid email addresses... IMO this is indeed a php.net website problem. Reopening.
(BTW: the bugsystem doesn't get mirrored so that's not a problem)

[2002-08-11 08:19 UTC] mfischer@php.net

What about using a table to display the address?

<table><tr><td>user</td><td>randomobfuscate</td><td>domain.tld</td></tr></table>

Btw, I like the image idea. But it doesn't have to be that cpu intensive, we could cache the images (create a md5 sum of the email address which acts as a filename or so).

[2002-08-11 10:35 UTC] jacques@php.net

We could use that function from the PHP manual which converts the email addresses displayed on the web in a similar format to:

  jacques at php dot net

I can grab the code from the phpweb and implement it here.

[2002-08-11 10:44 UTC] goba@php.net

AFAIK there is no such function. What you write in as your email address is directly used for user note printouts...

[2002-08-11 11:31 UTC] jacques@php.net

On the online user manual I see (http://www.php.net/manual/en/) at the bottom of that particular page there is:

  mj at php dot net

We can easily do using something like above using the following code snipbit:

  $name = str_replace(array("@", "."), array(" at ", " dot "), $name);

Maybe I'm going insane.  I've found it from my guestbook code *G*

[2002-10-22 08:42 UTC] madsen at sjovedyr dot dk

I don't see any problems in using obfuscated adresses, but don't make too much of an issue out of it...

Why not just use something like the <table>-idea?

The crawlers are scanning the HTML for adresses, and most of them won't find anything if it looks like this: someone<!-- bla -->@<!-- bla again -->example.com

[2002-10-22 09:39 UTC] goba@php.net

The "obfuscation" used currently is IMHO OK as is. I don't think so, that too much people would like to ask questions from those submitters.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Wed Jun 26 14:01:32 2024 UTC