Halfbakery: Users: Details
Suppressed email addresses   (+2, -1)  [vote for, against]
Use a form instead of an email address on profile pages.

When posting email addresses to their profile pages, halfbakers sometimes go to extravagant lengths to obfuscate them sufficiently that spammer spiders won't recognize them as addresses and add them to their spam lists. (My personal favorite example of this lately is Tiger Lily's.) It's unfortunate that this is necessary but it's a real problem these days.

I think a better alternative is to use a two-fold system built-in to the halfbakery interface that suppresses the addresses completely.

The first step is to give bakers an "email address" optional field they can fill in on their profile pages. This address is stored along with the username and password assigned to the account.

If a baker supplies an address, it is never displayed on the profile page. However they can then receive email from visitors to their profile page by use of the second step, which follows.

The existence of an email address on an account causes a "Write this halfbaker" form to appear on that baker's profile page. This form consists of a message content textbox and a send button. It will only be visible to other bakers who have also supplied email addresses.

This way, the form action can automatically include the sender's email address. Ergo, only logged-in halfbakers who have supplied addresses can use the system. You can't send if you're not prepared to receive.

The "Write this halfbaker" form appears in the same place as the current text entry boxes bakers see when they visit their own profile pages.

---------------

Additional details:
Email addresses would be displayed back to bakers when they view their own profile pages, much as passwords and profile content are currently. This is the only circumstance under which an email address would be visible on a halfbakery page.

I'm not sure about the best way to handle the sending mechanism. I'm guessing javascript is out, mostly because jutta dislikes it but also because I think it would still be possible for spiders to snatch addresses if it were done this way. The mechanism may need to be a server side thing, and I don't know if that would entail routing through a sendmail server or not. jutta, you would clearly know better than I the logistics of this. At least you wouldn't be hosting email accounts.
-- waugsqueke, Nov 17 2003

If this system existed, I think I would still post my mildly obscure address on my profile page because on a couple of occasions I have enjoyed receiving email from nonmembers who find my postings through Goggle searches.
-- AO, Nov 17 2003


AO, no problem, though folks could still create a bakery account just to send email.

jutta, I know there's more involved than just creating a form. I was initially thinking of a form "action = mailto:" sort of thing, but again that doesn't protect the address. Nevertheless it seems reasonably doable to me, and does not require you hosting anything.

Of course any system can be subverted but it would require a special effort, at least.
-- waugsqueke, Nov 17 2003


I've been inspired to obfuscate my email address too. I quite like it. ;)
-- Detly, Nov 17 2003


For what it's worth, I've had an address on my profile page for quite a while now and I get virtually no spam there. The spam I get I presume is generated with a random "to" address.
-- phoenix, Nov 17 2003


// Few bother hacking the halfbakery just to tell its users something, but using it as a multiplexer to spam everybody else is a different thing //

I think you make it sound a tad more grave than it actually is. It's a relatively simple thing to block that relay access if you know what you're doing (or even if you don't - I've done it myself with sendmail on an old Solaris box, and I clearly don't have a clue what I'm doing).

However, I will give you the point that it does require your time and resources, and I understand that you don't need the hassle.
-- waugsqueke, Nov 17 2003



random, halfbakery