"Spambots" scan Web pages for victim addresses

 

Most don't obey robots.txt etiquette

 

Can often be recognized via HTTP_USER_AGENT field and rerouted to perdition via mod_rewrite... or blackholed (I'll show how to do this easily in a few slides)

 

"Spambot-proof" your pages! Remove explicit addresses and mailto: links. Some techniques:

Most spambots don't understand character entities! Instead of

mailto:clueless@newbie.com

write

mailto:clueless@newbie.com

Construct mailto: links on the fly with Javascript (spambots can't execute it)

Render address as bitmap

Supply link via POST method

Feed spambot bogus addresses

Use "address mangling;" e.g.

clueless.remove-me@newbie.com

For more tips, plus CGI scripts, see "Spambot Beware" (http://www.turnstep.com/Spambot/)