Last modified: 2012-11-03 08:54:19 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T7911, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 5911 - Mask email addresses to discourage casual harvesting
Mask email addresses to discourage casual harvesting
Status: RESOLVED FIXED
Product: MediaWiki extensions
Classification: Unclassified
Extensions requests (Other open bugs)
unspecified
All All
: Low normal with 3 votes (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-11 13:29 UTC by Marco
Modified: 2012-11-03 08:54 UTC (History)
2 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description Marco 2006-05-11 13:29:19 UTC
At the moment eMails given to MediaWiki with [mailto:CDL-Klever@gmx.net M]
results to HTML
<a href="mailto:CDL-Klever@gmx.net" class='external text'
title="mailto:CDL-Klever@gmx.net" rel="nofollow">M</a>

This leads to spambots opening a wiki userpage  (and ignoring robots.txt) which
parse HTML and see an email. A way to stop them gathering emails of wikipedians
would be a charmask of the link in <a href=(.*)">. Is this possible?
Comment 1 Daniel Kinzler 2006-05-11 13:36:24 UTC
I'd guess that most spam bots are smart enough to decode character references
these days - so I think this is not such a good idea. There are alternative ways
(render into an image, use javascript to decode a scrambeled mail address,
simply inser junk, etc) - all of which only work to some extend and have
disadvantages for some people, especially blind people, etc.

I would suggest to implement a hook for email obfuscation - that way, it would
be simple to write extensions for all kinds of address obfuscation / protection.
Comment 2 Rob Church 2006-05-11 13:54:39 UTC
Of course, the solution to not making your email address available to the
public...is to not publish it on a public web site which anyone can read.
Comment 3 Platonides 2006-05-13 21:46:52 UTC
I like an unicode character that shows an @ bu it's not the 0x40 character, so
it's different for bots.
Users don't notice it, but may have problems if they copy-and-paste the address
in its mail client. Any workaround for it?

Normal: @
Unicode: ﹫

See also http://es.wikipedia.org/wiki/Usuario:Platonides/simbolos
Comment 4 MiG 2006-06-12 12:32:31 UTC
I agree with Rob; mail addresses should not be visible. Whatever you add to a
mail address to hinder bots, if it's visible and in significant numbers, it will
be of interest to a spammer to create a conversion filter for.

A better way of handling accounts and mail addresses would be to have user names
and give a user the opportunity to choose mail address visibility themselves
(the same way most wiki projects work). Bugzilla after all will be able to mail
updates regardless of public mail address visibility. I've taken a lot of
precautions to prevent ending up on a spam list over the past ten years, so I'd
quite like to see this fixed before my inbox starts overflowing.
Comment 5 Antoine "hashar" Musso (WMF) 2007-05-10 21:16:34 UTC
Wontfix as per comment #2
Comment 6 MiG 2007-05-10 21:41:58 UTC
You're saying people either shouldn't be submitting bugs here at all, or go
through the bother of creating expiring mail addresses to help track bugs.
I'm assuming here that the vast majority of bugzilla participants mildly,
possibly even strongly dislikes unsolicited bulk email.
Is the coding to give people a choice in this matter that difficult to implement?
Comment 7 Antoine "hashar" Musso (WMF) 2007-05-10 21:46:19 UTC
This bug was about obfuscation in MediaWiki. I opened a new bug
for our bugzilla: Bug 9872.
Comment 8 Omegatron 2007-09-22 13:16:44 UTC
(In reply to comment #2)
> Of course, the solution to not making your email address available to the
> public...is to not publish it on a public web site which anyone can read.

(In reply to comment #5)
> Wontfix as per comment #2

Wouldn't it be nice if everyone was as technically-savvy as you?  But they're not.

Why not do what Google Groups does?  All email addresses would be obfuscated automatically, with things like CDL-Klever@gmx.net becoming CDL-Kle...@gmx.net, and the only way to access the actual email would be to pass a CAPTCHA.

Remember that Mediawiki is not just used on Wikipedia.
Comment 9 Nemo 2012-11-03 08:54:19 UTC
(In reply to comment #8)
> Remember that Mediawiki is not just used on Wikipedia.

Yes and most wikis don't have many email links in their pages, only a few; and many even want those few to be clickable.
Anyway, moving to extension requests and marking fixed as [[mw:Extension:EmailAddressImage]] was created in the meanwhile (five years ago or a week after last comment, actually).

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links