mileswjohnson » read » Email Encryption against Spam

Email Encryption against Spam

November 11th, 2007

Lets begin by setting up a scenario. You just woke up and jumped out of bed, you just finished breakfast or you just arrived at work. You plan to start off this wonderful day by reading your emails and getting them out of the way. You launch your mail client and wait for the connection, your "new mail" notification pops up, it beings downloading the new messages (you get a bit of joy out of this), you then click the inbox icon which is associated with the current amount of mail in it (you have alot and are quite pleased), but then... Once you are in your inbox, you realize something horrible, your inbox is full of spam! Literally 95% of your emails you were planning on reading are spam. It aggravates you, you wonder how this happened and why you get so much irritating spam! Well in this tutorial, we will teach you the basics of how to encrypt your email to stop spam bots in their tracks and safe ways to stop bots from fetching your email address.

I will begin creating this function assuming you are familiar with php and that for this encryption to work you must have php installed on your server. Lets now create the function and pass it 3 arguments: $email will be the email address we will attempt to encrypt, $at would be the replacement for the @ sign, and $spoof determines which email encryption we should return (more on this later). We also throw in 2 variables: $value and $amp (ASCII equivalent to the ampersand, highly suggest not changing this value).

// Encrypts an email making it spam proof against bots
function encryptEmail($email, $at = "[[at]]", $spoof = false) {
	$value = "";
	$amp = "&#64;";
 
}

Now that we have the function built, the parameters and variables set, we are now ready to build the for loop. This is where the encryption really takes place. The loop basically loops through each letter of the $email and returns each letter with its ASCII equivalent value. This way the email is not displayed as basic text within the source, and is negated when a spam bot scans it. Also associated with this loop are 2 variables: $pre is the username and the text before the @ sign, and $suf is the domain and text after the @ sign.

	for ($i = 0; $i &lt; strlen($email); $i++) {
		$letter = substr($email, $i, 1);
 
		if ($letter == "@") {
			$pre = $value;
			$value = "";
		} else {
			$value .= "&#" . ord($letter) . ";";
		}
	}
 
	$suf = $value;

Now for the remaining part of the function, the return. First we have to determine whether to spoof the text. If $spoof is set to false, the text returned will be the ASCII equivalent of the $email (email@domain.com). If $spoof is set to true, the text will be returned as ASCII but have the @ replaced by the $at variable (email[[at]]domain.com). Usually the $spoof remains false when displaying the email within the anchor link, and $spoof true is used to display the email in public view.

// Encrypts an email making it spam proof against bots
function encryptEmail($email, $at = "[[at]]", $spoof = false) {
	$value = "";
	$amp = "&#64;";
 
	for ($i = 0; $i &lt; strlen($email); $i++) {
		$letter = substr($email, $i, 1);
 
		if ($letter == "@") {
			$pre = $value;
			$value = "";
		} else {
			$value .= "&#" . ord($letter) . ";";
		}
	}
 
	$suf = $value;
 
	// Return the encrypted email
	$encrypted = ($spoof) ? $pre.$at.$suf : $pre.$amp.$suf;
	return $encrypted;
}

// Some good examples of how to use this
echo encryptEmail("email@domain.com");
echo encryptEmail("email@domain.com", "-at-", true);
 
<a href="mailto:<?php echo encryptEmail("email@domain.com"); ?>" title="Email Me!">< ?php echo encryptEmail("email@domain.com", "[[at]]", true); ?></a>

A few tips and pointers to avoid spam!
Bots find your email address by scanning your sites content and your sites source code and then inserting your new found email into a database; where you then get barraged with spam. The function above will help by encrypting the email in your source code and if you supply a replacement for the @ separator in the email, that can also help to steer bots away from your email. Below are a few tips you can use to keep spam out of your inbox.

Use Gmail as your email client, it has thee best spam blocker anywhere
Do not give your email away to any person or site that you do not know is legit.
Create private emails for business or personal use.
Create fake emails using yahoo or hotmail and use this for everyday use.
Do not subscribe to newsletters, promotions, etc.
Use filtering and spam blocker programs on your email client.
If your email address is public on a website, ask the web master to transform it in to a picture or change the @ sign
Check the email address of the sender and the subject of the email.
Never buy anything from a spammer's email, even if it is something you want, as it is likely to be fraudulent.

There are many other ways to protect yourself, these are just a few to get yourself started. You can find more articles and resources on the world wide web.

You can leave a comment, or trackback from your own site.

2 Comments

1
trase November 15th, 2007 2:30 pm

Just wanting to see what comments look like. :) Thanks!
2
Alex January 22nd, 2008 9:15 pm

Or you can just forward your domain email to a gmail account to filter the spam, then reply with the domain email. Far easier IMO.

But nice technique.