NYCPHP Meetup

[Wellington Fan]

Hello Listfolk,

This is going to be a bit of a ramble...

Firstly, here's a pretty simple obfuscator:

/////////////////////////////////////////////
// See it at: http://www.jenniferdalton.com/encoder.php
function obfuscate($s,$type="html") {
	for($i=0; $i < strlen($s); $i++) {
		$encoded  = sprintf("%02s",dechex(ord($s{$i})));
		$hexscii .= '%'.$encoded;
		$hexents .= '&#x'.$encoded.';';
	}
	return ($type=="html"?$hexents:$hexscii);
}
/////////////////////////////////////////////




Now, here's another technique with a little problem; maybe someone has a
suggestion for fixing it....

Contents of z.html:
/////////////////////////////////////////////
<html>
<head><title>Mailer</title></head>
<body>
<a href="z.php">Mail me!</a>
</body>
</html>
/////////////////////////////////////////////

contents of z.php:
/////////////////////////////////////////////
<?php
header("Location: mailto:bogo at netscape.com");
?>
/////////////////////////////////////////////

See this pair at: http://www.jenniferdalton.com/z.html

The problem being that the window in which mailme.html was residing (the
opener) gets kinda fubar ("fubar", tech. jargon - See RFC - 3032 :
http://www.zvon.org/tmRFC/RFC3092/Output/index.html )

I tried a target="_blank" but you now get an intermediate fubar window.

Suggestions?


/////////////////////////////////////////////
The cdt.org report that Hans points to
(http://www.cdt.org/speech/spam/030319spamreport.shtml) seems to suggest
that this character entity encoding is actually quite effective against
spambots. Can this be true? I would think that this html entity strategy
would be pretty easy to identify and defeat... Has anyone on the list
written a smart spambot? C'mon, 'fess up!

/////////////////////////////////////////////
Ok, one more ramble: spamgourmet kicks a**! nice disposable email addys,
that one can create on the fly... http://www.spamgourmet.com


--
spamme.8.beef23 at spamgourmet.com