Multipart autoresponder

[Matt]

You can try to obfuscate your email addresses in your code all day long but a good parser script (like these forums as you can see in your php code example) is going to be able to extrapolate the email address no matter what you try to do to mask it.

And the other problem is emails like

info@
support@
sales@

Are used by nearly every sites on the planet, and spammers know this. They go out to WHOIS and query for recently registered domain names, like new-domain.com and add it to their list of domains then start adding prefixes like those above to new-domain.com

They are getting so advanced these days that simple de-obfuscation is easy.

Even this bulletin board was getting automated bot spam for a while there until they came out with a Captcha code requirement for unregistered users who were trying to post in forums that allowed unregistered posting.

It basically has stopped spam on these boards with the exception of those who actually take time to register, spamvertise, then find themselves banned 5 minutes later with their posts removed.

So if you must have public email addresses on the site I recommend not making those the email addresses associated with sending off the autoresponder, and having a Captcha requirement on the forms that handle the mutipart processing.

You could also do a regular autoreponder that has a link to the download, or again use the email pipe to do what you are talking about though it's probably not a good idea for your transfer or the server as a whole and has potential for abuse.

Another suggestion if you want to do a mutipart autoresponder is some sort of human verification like making them login, or cpatch verify or some other validation to get the "uncommon" email address that will handle the response.

Even a "type this word into the box to gain access" would probaly work great seeing as it is a custom script the chances of a spammer sitting there and specifically coding a bot for one website is extremely low.