#!/usr/bin/perl =head1 NAME obfuscate-mailto.pl - generates encrypted mailto: links in a javascript include =head1 SYNOPSIS obfuscate-mailto.pl [options] [linktext] > getSignature.js If the linktext isn't provided, the mailto will be used in its place. e.g. obfuscate-mailto.pl 'Bob Jones ' > /srv/www/getSignature.js obfuscate-mailto.pl 'Bob Jones ' 'mail Bobby' Options: -h|--help brief help message -m|--man full man page -v|--verbose -V|--version =head1 DESCRIPTION See Tim Williams' discussion on the "How and Why of obfuscating your address" at http://www.u.arizona.edu/~trw/spam/index.htm. There he proposes the idea of converting your email address into a seemingly random string of characters using a simple substitution cipher, using a block. The advantages to this approach over a verbatim C link are that spambots using simple regular expression searching for stuff like C won't find it. Spambots have a lot of work to do and it's unlikely that they're going to parse and run javascript hoping to find an email address. They might conceivably convert HTML character entities or character codes, which is why this method is preferred for the truly paranoid. My method is an expansion on Tim Williams' idea in that instead of putting the obfuscation into a , it uses a javascript include to pull in the obfuscation code. So you can have a C link on your page by adding this to your html, which looks like anything I a C link: That has the advantage of keeping your HTML files cleaner, and of adding one more step to hide from the spambots, that of their having to fetch an additional file which isn't even HTML. This C script generates output which looks like this: coded = "XKA 2. tKN4r ZAKAoMKN4r.3KCn" codedlt = "W9Mp WZ 9a fcfNmcTZD.qcW" key = "R>jB5LiVpYwI1"+decfn(codedlt)+"") Take that and put it in a js file, like getSignature.js, on a web server somewhere. Link to it with the Cscript...EE/scriptE> tags as above and you're good to go. =head1 DOWNLOAD =for html

Pick a link that works for you:
obfuscate-mailto.pl
obfuscate-mailto.pl.txt

=head1 AUTHOR This is inspired by Tim Williams, http://www.u.arizona.edu/~trw/spam/spam4.htm Who says: As for the code it is freeware, use it as you like. If you like it please let me know. If you hate it let me know. This script was written, and the javascript expanded on and the include feature added 11/2004 by Kevin M. Goess. =for html =head1 COPYRIGHT AND LICENSE Copyright 2004 by Kevin M. Goess This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. =head1 CHANGES =over 4 =item 2005-10-29 encoding link text as well, some cleanup =item 2004-11-20 Initial version. =back =cut use strict; use Pod::Usage; use Getopt::Long; Getopt::Long::Configure('no_ignore_case'); my $VERSION='0.01'; my ($verbose, $version, $help, $man, $mailto, $linktext); GetOptions ( 'v|verbose' => \$verbose, 'V|version' => \$version, 'h|help' => \$help, 'm|man' => \$man, ); $version and print "$0 version $VERSION\n" and exit; $man and pod2usage(-verbose => 2); $help and pod2usage; $mailto = shift; $linktext = shift; $mailto || pod2usage("\nerror: mailto is required\n"); $linktext ||= $mailto; $linktext =~ s//>/; my $key = "aZbYcXdWeVfUgThSiRjQkPlOmNnMoLpKqJrIsHtGuFvEwDxCyBzA1234567890@<>"; $key = scramble_key($key); my $coded_mailto = encode($mailto, $key); my $coded_linktext = encode($linktext, $key); my $reversed = decode($coded_mailto, $key); die "something failed" unless $reversed eq $mailto; print <"+decfn(codedlt)+"") EOL sub scramble_key { my ($key) = shift; my @key = split('',$key); my $skey = ''; while (@key){ $skey .= splice(@key,rand(@key),1); } return $skey; } sub encode { my ($coded, $key) = @_; my $strlen=length($coded); my $link=""; my $ltr; for (my $i=0; $i