Email Address Protection?

General Discussion
  • Hi
    I have a quick question: does NodeBB have any build in prtection for the e-mail addresses written by users in the posts?
    Because from time to time users post their emails without trying to ecrypt them somehow and I'm afraid they will receive too much spam after some time. As it usually happens to all the emails posted online as plain text.

  • @aleksei you could send the emails through the private chat feature

  • @aleksei I don't think so. You mean like auto obfuscate whenever some regex detects an "email address"? Don't think it would be that great an idea. Plus the spam bots scrapers are smart enough to detect the most commonly used and autocorrects. Folks ought to be smart enough to know not to post their email addresses publicly, eh? I mean, at what point does your responsibility of due diligence as site operator end and theirs as supposedly responsible adults begin?

    So .... maybe you need to do some retraining. Politely point out that email addresses posted publicly will be scraped by the spammer bots and suggest PM as option. For larger audiences where they feel they must post publicly? Encoding them would be a first step. But this is may be a reach for non technical types.

  • @gotwf said in Email Address Protection?:

    Don't think it would be that great an idea

    Just opposite. It would be show-stopper for various scrapers......

  • @dunlix said in Email Address Protection?:

    @aleksei you could send the emails through the private chat feature

    Yes, I can, but sometimes people share their emails for many others and want to post them directly in the topic.

    @gotwf said in Email Address Protection?:

    Don't think it would be that great an idea.

    I think it's great idea. As @macfan mentioned it can be a showstopper for scrapers. If not for all of them, then at least for majority. But don't know how to make it properly. I used this tool on my sites before and I never had any spam problems. But the problem is that obfuscated text must be inserted into page template by the back-end to hide it from scrapers. A front-end plugin won't affect anything.
    But maybe if I make JS to find emails and obfuscate them directly in the composer (before publishing the post) will it work?

    Folks ought to be smart enough to know not to post their email addresses publicly, eh?

    Haha, no 😊
    You, guys, are developers and those things are obvious for you. But you cannot imagine what an insane amount of ordinary people just don't know about this or don't think about. They're not technologically educated and they know nothing about how the Internet works. Some people may have heard advices about non-publishing email addresses online, but there are so many of them who didn't. And we can't blame them — it's just the world we live in. And I'm thinking how to make experience of those people more comfortable.

  • It's definitely possible to implement this with a plugin.

    You'd hook into and obfuscate the email however you'd like.

  • Obfuscating the email address does not raise the bar much as bot scrappers and ai will only continue to "progress".

    So we're left with encoding. Thankfully, at this juncture at least, most scappers are either not onto this or don't care since since a fringe case? Whatever. Still no magic bullet. But maybe best of the low hanging fruit options since should be easy peasy to code.

    Trying to mitigate email abuse is a noble goal. We just need to actually "game it out" cuz that is what this all boils down to for the AI hotshots. Else otherwise all you got is purely psychological protection...., a.k.a. PPP. Which is not a bad thing. If/when it's you're only thing. But.. just sayin.... stuff happens on the sharp end.

Suggested Topics

  • 0 Votes
    5 Posts

    @julian Basically I replaced the whole validateEmail() function to be only

    function validateEmail(email, callback) { callback = callback || function () {}; var email_notify = $('#email-notify'); socket.emit('user.emailExists', { email: email, }, function (err, exists) { showSuccess(email_notify, successIcon); callback(); }); }

    and I am getting "invalid email" error after accepting forum terms, of course I am not inserting an email but in this case a minecraft username

  • 0 Votes
    3 Posts

    If you go to MailGun's site, there might be information there.

  • 0 Votes
    2 Posts

    That link is generated using the value of url in your config.json file. Change the url and remove the 4567 and set up nginx to reverse proxy.

  • 0 Votes
    3 Posts

    @bansri You need to install sendmail on your server if you are getting this error. Error: spawn sendmail ENOENT

  • How to setup email

    General Discussion
    0 Votes
    4 Posts

    I know people hate thread bumpers, but for anyone who wants to self host their own mail server you can try mail in a box. Its free and open source easy to setup mail server.once you get it setup then you can just connect your smtp credentials and start sending mail with it. It should run pretty comfortably on a $5 or $10 vps. the advantage is you also get a fully functional email server so you can have staff email addresses and stuff.