Indiana University | University Information Technology Services | Communications & Planning Office

A Web Form to Protect IU Web Pages from
E-mail Address Harvesting

• What is E-mail Address Harvesting?
• The Web Form Option
• Benefits/Drawbacks of a Web Form
• Where to Get the Web Form

What is E-mail Address Harvesting? Spammers (people who send unsolicited and unwanted e-mail) use webbots (or bots) to scour Web pages across the Internet, harvesting e-mail addresses as they go. Whenever an e-mail address appears either in the text of a Web page or in a mailto link, it can be harvested. That e-mail address is then vulnerable to receiving spam.

The KB lists several ways to protect Web pages from address-harvesting bots. In addition, an October 2002 IU Home Pages article describes spam in detail.

• How can I protect my Web pages from e-mail address harvesting? (KB entry)
• You CAN can the spam (Home Pages article, part 1)
• Home Pages article, part 2; due Nov. 15)

The Web Form Option. Each of the options for preventing spam described in the KB entry and the Home Pages article has its benefits and drawbacks. This page focuses on one just one of those options: using a Web form. We wanted to provide a template of a Transform form to make it easy for IU webmasters to implement this option if they so choose.

Benefits/Drawbacks of a Web Form. This option is especially useful for departmental e-mail addresses because you can link to the same form from many pages. It's also useful when you want the e-mail messages to be automatically sent to multiple e-mail addresses. It's less useful for large numbers of e-mail addresses (e.g., address lists) because of the necessity of creating both a form and a template file for each address. You must install Transform into each directory where this form is used.

Where to Get the Web Form. The form we've created, and its template file, are both simple and easy to customize. Here's what you need to do:

1. Go to each of these pages:
   

   The Web Form File (email.html)
   The Form Template File (email.tpl; this file controls the form)

2. Open the source code (View -> (Page) Source) for each page, then use Save As to save the files to your workstation, renaming them if you wish. Remember that the part of the filenames in front of the dot need to be the same, and the form file has to end in .html and the template file in .tpl (e.g., email.html & email.tpl).


3. Using your favorite HTML editor, customize the two files with your own department name, e-mail address, and message. Remember not to use an e-mail address in the form (.html) file, where it could be harvested. However, because template (.tpl) files are invisible to bots, it's safe to put e-mail addresses there. The comments in each file tell you which text you need to replace with your own.


4. Upload your files to your Web site and replace the mailtos on your Web pages with links to the form (.html) file. We suggest using link text along the lines of: "Contact the _________ Department," avoiding such link wording as "Click here."

If you have any questions or concerns, contact the IU Webmasters.