3

Preface: I'm honestly not sure if this should be on StackOverflow, SuperUser or Doctype. If it needs to be on SuperUser please move it. If it needs to be on Doctype please close it and I'll re-post it there.

We all know that putting your email address anywhere on the Internet in any format, be it in plain text or a mailto: link, will cause it to be harvested by a spambot. And there are many questions already on the topic here.

For companies though, spambots are just part of the cost of doing business. So while using something like listing your email address in the form of [someone] [at] [companyname] [dot] [com] may thwart a spam bot, it also makes a potentially paying customer go through just enough hassle to ignore you (and it's possible the user isn't savvy enough to understand what's going on), so you just sort of suck it up and deal with the spam.

However, I've got a client who has a different issue - they have potential customers who will go to several dozen websites, click on the email address, paste in a prepared text and subject (sometimes going so far as to also paste in my client's business name to appear like it's not a prepared text they're sending to everyone). My client then spends time hand-crafting a response, only to never hear from the potential customer again because in this "casual spammer" approach, the vendor that sends back the lowest hard dollar amount in their email pretty much wins (and the nature of my client's business is such that almost without fail the vendor which will quote you a dollar amount without having met you is a big red flag but that's beside the point).

So the client has suggested that while we leave their email on the site in someone@companyname.com format, we don't make it a clickable mailto: link. The thought is that maybe the act of having to select and copy the email address into a message would thwart some of the "mass price shopping" customers. My client's industry does not lend itself to repeat business so they're not likely to ever land these customers anyway and losing them to this approach is ultimately harmless.

I'm skeptical about this but I'm curious if there's any better ideas to thwart "casual" spammers.

To Clarify: I'm not worried about spambots or screen scrapers or anything habitual or automatic. I'm talking about the concept that an actual person goes to dozens of similar websites sending identical emails to each company in order to find the lowest price. These are the customers which would never hire my client and so we're looking for a way to slow or thwart them without turning away people who aren't just spamming as many companies as they can find.

Community
  • 1
  • 1
Tom Kidd
  • 12,830
  • 19
  • 89
  • 128
  • It's an interesting question, put not a programming question. I'd try doctype, but if they don't accept it, it may belong on a business forum somewhere. – Jon B Sep 02 '09 at 15:40
  • 1
    Can you trace the IP address? No matter how the user sends the e-mail, other than through a proxy, which you can detect as well, he should not be able to mask his IP. In which case it should be the same IP over and over, so then you can just block that particular IP (and proxies for that matter). – Zoidberg Sep 02 '09 at 15:41
  • 1
    This is a business question, not a programming question. The proposal is to make the site a bit less convenient to use, in hopes of discouraging the casual people hitting several sites and not the casual people (little return business, remember) who aren't. It sounds like a bad idea to me. – David Thornley Sep 02 '09 at 16:10

4 Answers4

4

Honestly I don't think this problem has a technical solution. Even if the address is non-clickable, or you have to fill out a form, someone is probably still going to request the quote.

This needs to be solved in the sales process. Whoever answers these emails needs to be able to sense that they are bogus, and reply with a brief request for more information (which will likely go ignored).

Jon B
  • 51,025
  • 31
  • 133
  • 161
1

I tend to not put an e-mail address up. Instead, I provide a contact form that sends an e-mail.

ceejayoz
  • 176,543
  • 40
  • 303
  • 368
  • That kind of annoys me. I like seeing an email address and phone number. Make it easier for me to get in touch, not harder. – Jon B Sep 02 '09 at 15:38
  • We have that, too. But are there a significant number of people out there that don't like that approach? I know when I go to a company's site and fill out a form I sometimes feel like I'm sending a message into a blank void whereas if I sent an email from Outlook or GMail or whatever I have evidence on my side that I actually sent them something. – Tom Kidd Sep 02 '09 at 15:38
0

If you have to put an email address on a page, you could build it in-line with JavaScript, in such a way that the text is unrecognisable to a screen scraper, e.g.

document.write("<" + "a hr" + "ef=" + "'ma" + "ilt" + "o:" + address + "'" + ">" + address + "<" + "/" + "a" + ">");

Where you would set the address variable in a similar way.

Christian Hayter
  • 30,581
  • 6
  • 72
  • 99
  • Screen scrapers aren't the problem here - real people are. – Samir Talwar Sep 02 '09 at 15:42
  • No offense, but spam bots and screen scrapers are not the issue. Potential customers (actual humans) are literally clicking on the contacts on as many sites in this sector as possible and then going with the one with the lowest price. These are the kinds of customers my client will not land anyway so we want a way to thwart them. – Tom Kidd Sep 02 '09 at 15:43
  • This would thwart anyone with NoScript. – statenjason Sep 02 '09 at 15:43
  • Ah, but how does the spammer obtain your email address if not by scraping your site? He's not going to waste time manually scanning millions of site updates looking for nuggets of gold. – Christian Hayter Sep 02 '09 at 15:44
  • @Christian - the question states that the spammer IS manually going to each site. Not millions, but probably dozens. This is to request many quotes for some product. The company in question is not interested in these quote requests. – Jon B Sep 02 '09 at 15:46
  • @Christian Hayter: We're talking a much smaller scale than that - the potential customer is going to, say, twenty sites. They're emailing all of them. Whomever gives them a price, and the lowest one, wins. But the client isn't selling something like books or something identical which can be price shopped. So by answering these emails they're wasting their time. I'm wondering if there's any way to thwart these "casual spammers" - I call them spammers when really they're just normal people emailing a lot of other people. – Tom Kidd Sep 02 '09 at 15:49
  • Yes, sorry, misunderstood. In that case I vote for displaying a non-clickable email address on the page. – Christian Hayter Sep 02 '09 at 15:50
0

To thrawt scrapers, you could inject the email address after the page loads via javascript. However, it doesn't sound like you are as concerned with scrapers as authentic users sending emails. In which case, I do not have an answer for you.

Chance
  • 11,043
  • 8
  • 61
  • 84