On Mon, May 28, 2001 at 05:22:31PM -0700, Chuq Von Rospach wrote:
> Yes. That's why I'm looking for better ways to protect an archive but
> make it easy for legitimate users to get to it. The spambots force my
> hand (IMHO) in protecting them, but putting them behind a password is
> awkward. I've tried a few other things, but nothing worth talking
> about, so I'm still looking.
Nothing worth talking about? Bah.
We have three different mechanisms in place to keep harvesters out:
1. Apache rewrite rules to deliver 404 errors to User-Agents known
to be evil (e.g. EmailSiphon).
2. A hacked copy of Ron Guilmette's Wpoison tool that blackholes
packets from sites which appear to be running rogue spiders.
3. On-the-fly munging of e-mail addresses into HTML entities (e.g.
com becomes twp@.... etc.)
In six months, the trap addresses I have seeded our pages with have
not been spammed. You can see the results at