• Hi
    I have a quick question: does NodeBB have any build in prtection for the e-mail addresses written by users in the posts?
    Because from time to time users post their emails without trying to ecrypt them somehow and I'm afraid they will receive too much spam after some time. As it usually happens to all the emails posted online as plain text.

  • GNU/Linux Gamers

    @aleksei you could send the emails through the private chat feature

  • Community Rep

    @aleksei I don't think so. You mean like auto obfuscate whenever some regex detects an "email address"? Don't think it would be that great an idea. Plus the spam bots scrapers are smart enough to detect the most commonly used and autocorrects. Folks ought to be smart enough to know not to post their email addresses publicly, eh? I mean, at what point does your responsibility of due diligence as site operator end and theirs as supposedly responsible adults begin?

    So .... maybe you need to do some retraining. Politely point out that email addresses posted publicly will be scraped by the spammer bots and suggest PM as option. For larger audiences where they feel they must post publicly? Encoding them would be a first step. But this is may be a reach for non technical types.


  • @gotwf said in Email Address Protection?:

    Don't think it would be that great an idea

    Just opposite. It would be show-stopper for various scrapers......


  • @dunlix said in Email Address Protection?:

    @aleksei you could send the emails through the private chat feature

    Yes, I can, but sometimes people share their emails for many others and want to post them directly in the topic.

    @gotwf said in Email Address Protection?:

    Don't think it would be that great an idea.

    I think it's great idea. As @macfan mentioned it can be a showstopper for scrapers. If not for all of them, then at least for majority. But don't know how to make it properly. I used this tool on my sites before and I never had any spam problems. But the problem is that obfuscated text must be inserted into page template by the back-end to hide it from scrapers. A front-end plugin won't affect anything.
    But maybe if I make JS to find emails and obfuscate them directly in the composer (before publishing the post) will it work?

    Folks ought to be smart enough to know not to post their email addresses publicly, eh?

    Haha, no 😊
    You, guys, are developers and those things are obvious for you. But you cannot imagine what an insane amount of ordinary people just don't know about this or don't think about. They're not technologically educated and they know nothing about how the Internet works. Some people may have heard advices about non-publishing email addresses online, but there are so many of them who didn't. And we can't blame them — it's just the world we live in. And I'm thinking how to make experience of those people more comfortable.

  • Global Moderator Plugin & Theme Dev

    It's definitely possible to implement this with a plugin.

    You'd hook into filter:parse.post and obfuscate the email however you'd like.

  • Community Rep

    Obfuscating the email address does not raise the bar much as bot scrappers and ai will only continue to "progress".

    So we're left with encoding. Thankfully, at this juncture at least, most scappers are either not onto this or don't care since since a fringe case? Whatever. Still no magic bullet. But maybe best of the low hanging fruit options since should be easy peasy to code.

    Trying to mitigate email abuse is a noble goal. We just need to actually "game it out" cuz that is what this all boils down to for the AI hotshots. Else otherwise all you got is purely psychological protection...., a.k.a. PPP. Which is not a bad thing. If/when it's you're only thing. But.. just sayin.... stuff happens on the sharp end.

Suggested Topics

  • 3
  • 2
  • 2
  • 13
  • 5
| |