304612 - e-mail addresses displayed in plain text - food for SPAM spiders?

Status: VERIFIED DUPLICATE of bug 219021

(Bugzilla :: User Interface, enhancement)

Description

[Christian Balzer]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE; rv:1.7.10) Gecko/20050717 Firefox/1.0.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE; rv:1.7.10) Gecko/20050717 Firefox/1.0.6

On those bugzilla pages I checked, e-mail addresses are displayed in plain text,
or in the case of the "Show votes" list (e.g.
https://bugzilla.mozilla.org/votes.cgi?action=show_bug&bug_id=288054 ), have an
encoded  @ (@).

I don't know anything about e-mail harvesting software, but I think this might
just be what they are looking for...

Also, I doubt whether simply using the hex code for an @ will stop them...
(...Is it actually e-mail or email...?)

Reproducible: Always

Steps to Reproduce:
1. Open website in browser.
2. Select View > Show Source Code or press Strg+U
3. Scan document for e-mail addresses listed, e. g. search for @ or @
Actual Results:  
Found plain text e-mail addresses and mailto:-links.

Expected Results:  
Would expect to see some completely encoded addresses (not only @ encoded, but
everything). Maybe use of graphic-@s. Possibly no mailto-links but only links to
contact forms à la /mail?user_id=xyz enabling web surfer to send mails to
registered users only.

Also, maybe just disable displaying any e-mail addresses to anyone _not_ logged in?

Maybe abusing rtl and CSS might do the trick:
<span style="unicode-bidi:bidi-override; direction:
rtl;">gro.elpmaxe@retsambew</span>
Found example at http://www.drweb.de/weblog/weblog/index.php?p=68 (de).

Comment 1

[Max Kanat-Alexander]

See also bug 120030.

*** This bug has been marked as a duplicate of 219021 ***