Return-Path: 
 <forrest-dev-return-9235-apmail-xml-forrest-dev-archive=xml.apache.org@xml.apache.org>
Delivered-To: apmail-xml-forrest-dev-archive@www.apache.org
Received: (qmail 52720 invoked from network); 23 Feb 2004 22:41:47 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 23 Feb 2004 22:41:47 -0000
Received: (qmail 78259 invoked by uid 500); 23 Feb 2004 22:38:17 -0000
Delivered-To: apmail-xml-forrest-dev-archive@xml.apache.org
Received: (qmail 78210 invoked by uid 500); 23 Feb 2004 22:38:16 -0000
Mailing-List: contact forrest-dev-help@xml.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:forrest-dev-help@xml.apache.org>
list-unsubscribe: <mailto:forrest-dev-unsubscribe@xml.apache.org>
list-post: <mailto:forrest-dev@xml.apache.org>
Reply-To: forrest-dev@xml.apache.org
Delivered-To: mailing list forrest-dev@xml.apache.org
Received: (qmail 78192 invoked from network); 23 Feb 2004 22:38:16 -0000
Received: from unknown (HELO mail.medata.com) (65.104.121.53)
  by daedalus.apache.org with SMTP; 23 Feb 2004 22:38:16 -0000
Received: from [172.24.2.18] (proc012 [172.24.2.18] (may be forged))
	(authenticated bits=0)
	by mail.medata.com (8.12.8/8.12.8) with ESMTP id i1NMcK8a007433
	(version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO)
	for <forrest-dev@xml.apache.org>; Mon, 23 Feb 2004 14:38:20 -0800
Mime-Version: 1.0 (Apple Message framework v612)
In-Reply-To: <403A74DC.5060200@bl.com>
References: <403A74DC.5060200@bl.com>
Content-Type: text/plain; charset=US-ASCII; format=flowed
Message-Id: <FCBE6B3B-6650-11D8-B7E9-000393448246@medata.com>
Content-Transfer-Encoding: 7bit
X-Image-Url: http://homepage.mac.com/webmaestro/.cv/thumbs/me.thumbnail
From: Clay Leeds <cleeds@medata.com>
Subject: Re: Email obfustication -- "incorrect"
Date: Mon, 23 Feb 2004 14:38:23 -0800
To: forrest-dev@xml.apache.org
X-Mailer: Apple Mail (2.612)
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

On Feb 23, 2004, at 1:47 PM, Moshe Yudkowsky wrote:
> The email obfustication alorightm works very differently than I'd 
> expect.
>
> It takes "foo@example.com" and changes it to "foo.at.example.com".
>
> The data that I have seen -- experiments with putting email addresses 
> out there -- shows that changing the HTML source from @ to &#40; is 
> sufficient to throw off all current email harvesters; but that method 
> of obfustication lets the browser put up the correct "@" symbol 
> instead of ".at."
>
> Comments?

It's only a matter of time before e-mail harvesters fix their code to 
accommodate &40; etc. It seems like a simple thing to change in a perl 
script (assuming that's what they're using). Perhaps the Forrest's 
obfuscation system might someday give the opportunity to customize it 
(from skinconf.xml):

   <obfuscate-mail-links>true</obfuscate-mail-links>
   <obfuscate-mail-links-char>&40;</obfuscate-mail-links-char>

That way, people could add their own (if they so choose):
   <obfuscate-mail-links-char>.at.</obfuscate-mail-links-char>
   <obfuscate-mail-links-char>-theatsymbol-</obfuscate-mail-links-char>
   <obfuscate-mail-links-char>.a.</obfuscate-mail-links-char>
   <obfuscate-mail-links-char>_a_</obfuscate-mail-links-char>
   <obfuscate-mail-links-char>_at?_</obfuscate-mail-links-char>
   <obfuscate-mail-links-char>!</obfuscate-mail-links-char>
   <obfuscate-mail-links-char>-atthingie-</obfuscate-mail-links-char>
   <obfuscate-mail-links-char>_spam_</obfuscate-mail-links-char>

Of course it would always default to the best thing we can come up 
with, provided <obfuscate-mail-links-char> (or whatever it's called) is 
not set...

Web Maestro Clay