By webdev2 on

I'm putting together a site where one of the specs was to prevent email harvesting. Does drupal do that auomatically, is there a module, or is it not possible?

Thanks.

Categories: Drupal 6.x

Comments

vm’s picture

vm commented

http://drupal.org/project/emailobfuscator

webdev2’s picture

webdev2 commented

thanks. One thing I read on the net about drupal was that, by default, raw email addresses were never on the web - they were always obfuscated in some way.

Is that true or do I need this module?

Thanks

matkeane’s picture

matkeane commented

Hi,

I think, by default, Drupal hides user email addresses on profile pages, but email addresses in nodes are automatically converted to mailto links with the default input filter. So Drupal will attempt to protect the privacy of users, but assumes that a published email address is more useful as a link.

So, if you need to make email addresses on your site difficult to harvest, then you probably need a module. I thought I'd heard of some other modules but, if anybody is curious, the http://drupal.org/project/emailobfuscator module adds a new input filter which seems to work by replacing email addresses with text in name_at_domain_dot_tld format, and then wrapping it with javascript which writes the mailto link back into the page in character encoded form. I say 'seems to', as the only way to find out how it works is to download it and read the source code - maybe it obfuscates documentation and comments as well?! ;-)

OK, found some others. Not sure how they differ from eachother:
http://drupal.org/project/spamspan
http://drupal.org/project/Invisimail

cwd’s picture

cwd commented

I read the spamspan page (http://drupal.org/project/spamspan) and it looks like it would do the same thing this module would do. however, i installed spamspan and i can't find any configuration options for it, and I can't figure out how to get it to work, either. any tips?

I guess I am looking for a module that I can install which will take content that already exists, and look for e-mail addresses in that content, and obscure them before serving the content up.

any tips?

Bobby1290’s picture

Bobby1290 commented

Yes, by default drupal uses a contact form (enable and look at the one in your account profile).

You need this module only if you are posting emails in readable form on a drupal page.
but if you re going to post an email you can also post a link to the contact form.

If you need to show a list of emails-> obfuscator module.

mcfilms’s picture

mcfilms commented

I am not sure what the OP meant by "prevent email harvesting." If you mean prevent OTHERS from harvesting mail, then sure Drupal does that. But if you mean prevent the domain admin from email harvesting, that's a whole different problem. Normally a Drupal install needs an e-mail for a user to create an account. And these addresses are available to the people running the site. The best way to prevent "harvesting" would be not to collect them. But if you are allowing visitors to post comments -- hello spam.

A list of some of the Drupal sites I have designed and/or developed can be viewed at motioncity.com

webdev2’s picture

webdev2 commented

Many thanks everyone!! I think I will use the obfuscator.

This is closed.

dfvis’s picture

dfvis commented

I could not get invisimail and spamspan to work with cck email field. Following tutorial worked for me: http://www.cafewebmaster.com/how-hide-encrypt-cck-email-field-js-against...

matkeane’s picture

matkeane commented

Hi,

I didn't look in detail at the content of the function used in that link, but what I did notice is that they are hacking the core email module (which isn't really good practice anyway) even though the function in question is a theme() function.

A more kitten-friendly way to achieve the same thing would be to add a new function in your theme's template.php file to override the core function - something like:

mythemename_email_formatter_default($element)  {
  [... modified function code here ...]
}

The advantage being that your changes won't get stomped on the next time there's a Drupal core update.

abhiklpm’s picture

abhiklpm commented

Might help someone...

Spamfree Email module which obfuscates email addresses for JS enabled and disabled browsers. It converts the email address in content to javascript.

https://www.drupal.org/project/spamfree_email