BEST PRACTICE FOR THE HANDLING OF EMAIL ADDRESSES ON MAINE STATE WEBSITES

I. Statement

A significant source for SPAM is the successful harvesting of email addresses from web sites. Maintainers of web sites are encouraged to minimize the disclosure of internal email addresses.

II. Purpose

Establishes best practice guidelines for limiting exposure of agency email addresses from SPAM robot harvesting in order to implement the Policy to Minimize Delivery of Unwanted Commercial Electronic Messages throughout Maine State Government.

III. Applicability

This best practice applies to all websites generated by any state agency.

IV. Responsibilities

A. Compliance - All staff engaged in the creation, updating, and maintaining agency websites are responsible for becoming familiar, and implementing the contents of this best practice. Webmasters and vendors are responsible for incorporating standard operating procedures to ensure their staffs are familiar with, and adhere to the best practices regarding email address handling and SPAM reduction.

B. Review - There is no compliance review.

V. Guidelines & Procedures

A. The best practices for email address handling and SPAM reduction process is outlined below.

1. Webmasters shall evaluate all current instances of mailto links or plain text email addresses on their agency’s website(s), in order to replace individual’s email addresses with general contact forms. Email addresses and mailto links that are not necessary shall be removed.

2. For cases where an electronic contact method for one or more individuals is required, State websites shall use an HTML contact form instead of a mailto email link. Webmasters may use the conversion solution provided by InforME or they may create a customized form. Note: In addition to changing the link, the text should also be changed so that the email address is not posted in the text of the page. Recommended link text: “Contact [Name]”.

3. If neither of the above will meet the needs of the agency for a particular case, a possible last resort solution which minimizes access to State addresses to spammers, may be to post a mailto link to an email address after using a standard Email Encoder provided by InforME. Note that the email encoder provides some level of protection but is not entirely effective at preventing harvesting of the address for SPAM. There are also some potential usability issues with this method for users on public computers.

4. In no instances should a non-encoded mailto link to a state email address or a plain text state email address be posted on a public website.

5. These requirements apply to Maine state government email addresses. For non-state government email addresses that may be posted on an agency website, it is recommended that the agency explain the spam ramifications of posting email addresses, to the non-state government individual/entity. They will be encouraged to choose SPAM-prevention methods.

B. Process/Implementation - The best practices for Email Address Handling on Maine State Websites for SPAM Prevention will be handles by one of the following methods:

1. Best - convert mailto links to the InforME supplied HTML contact form. Webmasters may substitute a specially formatted link in place of a mailto link. The new link will automatically direct the user to the standard contact form. The submitted form data will be sent to the email address designated by the agency via special code in the link. After submitting the form, the user will be redirected to a “thank you” page and provided a link back to the originating agency page. The standard contact form includes an optional checkbox for the user to choose to receive a copy of their message.

2. Good – Use the InforME supplied standard email encoder tool on the Webmaster Resource Center. Webmasters will use this simple web interface to put in a normal email address and get back the encoded version that should be used for the site link. The encoder converts an email address to standard ASCII characters.

VI. Definitions

1. Spam - Generally unwanted, unsolicited email. See Policy to Minimize Delivery of Unwanted Commercial Electronic Messages throughout Maine State Government for an expanded definition.

2. Mail to Link - A method to allow a person viewing a webpage to click on the link and send email to a specified address.

3. HTML Contact Form - A form presented on a web page that allows the user to send an email message to an agency employee without placing the employee’s email address into the public forum.

4. Web Master - The person responsible for maintaining and updating an agency’s website(s).

VII. References

1. State of Maine Email Policy

2. Policy to Minimize Delivery of Unwanted Commercial Electronic Messages throughout Maine State Government http://www.maine.gov/oit/oitpolicies/index.htm

VIII. Document Information

1. Document Reference Number: 3.1

2. Category: Internet, Network and Transport

3. Adoption Date: August 10, 2006

4. Effective Date: August 10, 2006

5. Review Date: August 10, 2009

6. Point of Contact: Paul Sandlin, eGovernment Services, Office of Information Technology, (207) 624-9427

7. Approved By: Richard B. Thompson, Chief Information Officer

8. Position Title(s) or Agency Responsible for Enforcement: N/A

9. Legal Citation:

10. Waiver Process: