[rfc-i] public email addresses ?

Henning Schulzrinne hgs at cs.columbia.edu
Thu Nov 15 19:51:39 PST 2007


I have done some informal tests with JavaScript-generated mailto URLs,  
creating unique email addresses and seeing whether they'd attract spam  
when placed on some fairly visible web pages. I ran the test for a few  
weeks, without getting any. Obviously, I can't prove that there is no  
spammer out there that runs a JavaScript interpreter, but it seems  
pretty rare.

function hideemail(name,user,domain,subject,display) { if (display ==  
null || display == '') { if (name == '') { display = user + '@' +  
domain; } else { display = name; } } if (subject != '') { subject = '? 
subject=' + subject;   } document.write('<a href="mailto:' + name + '  
<' + user + '@' + domain + '>' + subject + '">' + display + '</a>'); }

On Nov 15, 2007, at 12:50 PM, Bob Braden wrote:

>
> The RFC Editor is installing a new web-based service for reporting
> and verifying errata.  Our first version displayed email addresses
> of both reporters and verifiers, for the convenience of others
> who want to comment/interact about particular errata.  But we very
> quickly found out our mistake; the RFC Editor staff was using
> the new system, and within 24 hours we found ourselves
> bombarded with spam.
>
> So, what is the recommendation?  Do we have to give up the
> transparency and convenience of email addresses in the public
> display of errata because of the *&^*&^*&^ spammers?  What
> does the tools team do about this?  What is the general rule
> for email addresses on IETF web pages?
>
> Thanks,
>
> RFC Editor/bb
>
> _______________________________________________
> rfc-interest mailing list
> rfc-interest at rfc-editor.org
> http://mailman.rfc-editor.org/mailman/listinfo/rfc-interest



More information about the rfc-interest mailing list