[thelist] nospam email encoding (think I found a good one)

Aleem Bawany aleem.bawany at utoronto.ca
Sun Dec 8 05:03:01 CST 2002


After reviewing a whole bunch of encoding tricks and veryfing
each one to check if it got caught, I found all of them got caught
( http://willmaster.com/possibilities/demo/RetrieveEmails.cgi )

one of the better ones, I saw on use at http://www.doxdesk.com/ was
to encode the % sign followed by 40, rather than encoding @:

%40
(ASCII % followed by encoded 4 followed by plain 0 = %40 = @)

Even that unfortunately, got caught on the above site. However,
I discovered padding the ASCII code with 0's threw off the encoder:

@ (@ is ASCII encoded HTML entity for @)

ASCII encoding is limited to 3 digits, but the above encoding works fine
on IE, Moz, Lynx. The final email would look like this for x at y.com:
<a href="x&#00037;&#000052;0y.com">x&#0000064;y.com</a>

Are there any problems with the above encoding? Am I just beating the
drum for no reason because one site failed to catch the encoded @? Would
it be a significant pain to the spammers to change their existing
regular expressions to accommodate this one?

Aleem

http://members.evolt.org/aleem/





More information about the thelist mailing list