Email Address and Web Form Protection
Spammers and hackers are constantly finding new ways to steal data and abuse web sites. They do it by writing programs which scour the web for exposed email addresses and vulnerable web forms. When they find an address, they add it to their databases and you start getting spammed. When they find a vulnerable web form, they can use it to send spam to you or other people, using your address.
How to Protect Your Email Address
There are many ways to protect your email address, but first and foremost, you must hide or remove the addresses on your web pages. Here are several methods of address protection and spam reduction:
- Switch to a form processing program which hides the recipient address. Our preferred solution is formmail.php from Tectite.com. It's secure, flexible and supports CAPTCHA for even more protection.
- Turn off your web site's "catch-all" email box. Some web hosts have a "feature" which allows any email address to work. For example, let's say I have the domain website.com, and my host has a catch-all box. I can send an email to email@example.com or firstname.lastname@example.org or email@example.com and they will all be delivered, because the email box catches everything, no matter how it's addressed. Some spammers will try to send mail to firstname.lastname@example.org and if it doesn't come back as undeliverable, they assume it got through and will continue to send junk to that address. So it's best to disable the catch-all box to reduce spam. Contact your web hosting company for details.
- Discourage spammers by giving them a big heap of spam right back... fill up their databases with junk email addresses!