admin-hkn-utaustin / ut-hkn-website

Website for UT HKN Psi Chapter
https://hkn.ece.utexas.edu

Contact info like phone numbers and emails should be obfuscated if possible #7

Open dilijev opened 9 years ago

dilijev commented 9 years ago

Web crawlers might be able to find email addresses and start spamming.

Personal phone numbers are a definite issue. There is a phone number under the about us page, which appears to belong to the president. This might be the office phone number but since that's not clear I wanted to raise the issue.

dilijev commented 9 years ago

I assume you closed #11 as duplicate?

http://hkn.ece.utexas.edu/contact.php

http://hkn.ece.utexas.edu/facultyfriends.php - above comments for all the emails on this page

http://hkn.ece.utexas.edu/officers.php - same here. On this page and before, it's good that it's not a mailto link, but a simple web crawler searching the page will still find the things formatted like email addresses and be able to handle them.

Same goes for the announcements (show the emails in plaintext but obfuscated)

dilijev commented 9 years ago

On the other hand, maybe leaving it alone or being smarter about the obfuscation is a better idea. http://www.howtogeek.com/129673/does-email-address-obfuscation-actually-prevent-spam/

dilijev commented 9 years ago

This is linked to from the article I just posted, the original study: http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/

This method seems to be good for both hiding from spambots and also allowing the address to be clickable. Of course, if spambots look at the page rendered as a browser would instead of the raw HTML (fairly unlikely), then this won't help at all. In that case, using methods 1 or 2

3: ROT13 Encryption

ROT13 encode the e-mail address with this tool or use the str_rot13 function of PHP and decode it via Javascript.

<script type="text/javascript">
// Decode the ROT13-encoded opening <a> tag when the page renders; the raw HTML only contains the encoded text.
document.write("<n uers=\"znvygb:fvyinasbbone10@gvyyyngr.pbz\" ery=\"absbyybj\">".replace(/[a-zA-Z]/g, function(c){return String.fromCharCode((c<="Z"?90:122)>=(c=c.charCodeAt(0)+13)?c:c-26);}));
</script>silvanfoobar’s Mail</a>

dilijev commented 9 years ago

Also, I personally am not a fan of clickable email addresses in lieu of easily-copyable emails. It doesn't help hide things from spammers at all but it does force people to click on the link which brings up whatever mail service you have set up, even if you don't intend to send an email.

If the email address is linked, it should still be spelled out in copyable text on the page.

If we remove the email links altogether, this makes the "Display: none" method work, which is one of the methods that resulted in no spam in the study, and it's much easier and more straightforward to do that than screw around with JS.

Example:

<p>silvan8@<span class="displaynone">null</span>tilllate.com</p>
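
Added example, not part of the thread or the project's code: a check of what a crawler that only reads the raw HTML (or strips tags) recovers from the ROT13 method and the "display: none" method discussed in the comments above. The sample address, the `displaynone` CSS rule and all helper names are assumptions made for illustration.

```javascript
// Added example; SAMPLE and all helper names are constructed for illustration.
const SAMPLE = "officer@example.org";
const EMAIL_RE = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;

// ROT13 over ASCII letters only; digits, "@" and punctuation pass through.
function rot13(s) {
  return s.replace(/[a-zA-Z]/g, (ch) => {
    const base = ch <= "Z" ? 65 : 97;
    return String.fromCharCode(((ch.charCodeAt(0) - base + 13) % 26) + base);
  });
}

// Method 3: ship the ROT13-encoded opening <a> tag, decoded in the browser.
// Assumes address and label are trusted text with no quotes or markup.
function rot13Link(address, label) {
  const encoded = rot13(`<a href="mailto:${address}" rel="nofollow">`)
    .replace(/"/g, '\\"');
  return '<script type="text/javascript">\n' +
    `document.write("${encoded}".replace(/[a-zA-Z]/g, function(c){` +
    'return String.fromCharCode((c<="Z"?90:122)>=(c=c.charCodeAt(0)+13)?c:c-26);}));\n' +
    `</script>${label}</a>`;
}

// "display: none" method: a hidden filler span splits the address.
// The page needs a CSS rule such as .displaynone { display: none; }.
function displayNoneText(address) {
  const at = address.indexOf("@") + 1;
  return `<p>${address.slice(0, at)}<span class="displaynone">null</span>` +
    `${address.slice(at)}</p>`;
}

// Everything address-shaped in the raw markup or in the tag-stripped text.
function harvest(html) {
  const raw = html.match(EMAIL_RE) || [];
  const text = html.replace(/<[^>]*>/g, "").match(EMAIL_RE) || [];
  return [...new Set([...raw, ...text])];
}

for (const [name, html] of [
  ["plain mailto", `<a href="mailto:${SAMPLE}">${SAMPLE}</a>`],
  ["rot13 link", rot13Link(SAMPLE, "Mail the officer")],
  ["display:none", displayNoneText(SAMPLE)],
]) {
  console.log(name, "->", harvest(html));
}
```

Both obfuscated forms still yield an address-shaped string, but it is the wrong one (the ROT13 text, or the address with the filler `null` inside); only a crawler that runs the script or applies the CSS sees the real address.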

nikhgarg commented 9 years ago

Have we actually noticed any trouble with spam? If not, I'm not going to worry about this for now.

dilijev commented 9 years ago

It's always a potential issue. But okay.