We know that spambots look for the mailto: and @ symbols.
Some reports show good results when using uni-encoded characters or html character entities to hide only these two elements of an email address.
So that, <a href="mailto:mymail@mydomain.com">EMAIL US</a>
might become,
EMAIL US
(please use view source to see code)
ASCII and HTML code table at Killersites.com
An online list of special characters for reference: http://www.w3.org/
and reference charts for Unicode at, http://www.blooberry.com/
Others will argue that completely obfuscated email address is the best method.
Here's an online utilty to do this. It differs from most because it will uni-encode everthing including the mailto link whcih most online utilites leave intact.
An Example: EMAIL US
(please use view source to see code)
There are a couple javascript masks that I have used to break apart the mailto: link and then reassemble it.
It has been common practice to assume spambots don't bother reading .js, however, recent research may indicate otherwise. I haven't run into too many problems with it however.
Get these on another web page that opens a new window.
Images can be an effective method. Remember that the image is not to be written as a link itself, otherwise it would be ineffective.
![Email us at, mymail at mydomain.com [replace at with @]](images/myemail.gif){kind=small}
Hold your mouse over the image to see the alternate text. Notice how it doesn't list the email as mymail@mydomain.com but provides instructions on how to use.
Name Intelligence offers thier custom encryption image processor to the public.
To see how they protect email addresses, perform this look-up for the killersites.com website.
Next, use the following link to visit their Free email protection script utility.
Here's an example of the results:
Mailmask.net has a free utility that will mask your email using javascript. A visitor wishing to send you an email clicks on your link which opens a small window requesting the visitor to first input a server generated image of characters. Once completed, the viewer gains access to your email address.
There is an example on their home page at http://www.mailmask.net
PHP forms offer the best functionality and customization.
Some basic benefits of most PHP email scripts: email masking, validates the user's email address, required form fields, customizable error and confirmation pages, some will collect the sender's IP address and some will encrypt the message. Below are examples of PHP email scripts for use.
You might also visit a site like, The New World for more choices.
Some suggestions: save the php mailer script into a separtate directory with indexes turned off (apache web server); You can still obfuscate your email address that is entered into the php mailer script for added protection; generally spambots ignore Robots.txt and any meta tags that deny entry into a directory, however, it is good practice to do this anyway for an added layer of protection.
Spambots will not follow a Post command in a <FORM> so a Perl program can be used: script originally found on http://www.turnstep.com/Spambot/
1. Create a perl file called nospam.pl and save it into your server's cgi-bin.
#!/usr/local/bin/perl -- -*-fundamental-*-
## Written by Greg Mullane
## Please see http://www.turnstep.com/Spambot/
##
## This program redirects outgoing mail to avoid any "mailto" tags
## Assumes use of a simple form with the name and email put into
## 'spambot' and 'beware' fields
use CGI;
use strict;
my $q = new CGI;
my $name = $q->param('spambot');
my $domain = $q->param('beware');
$|++;
print "Location: mailto:$name\@$domain\n\n";
print "Email to $name\@$domain!\n";
exit;
## End of program
2. Add this form where you would like to place a link to your email:
A better mousetrap Harassment of Spambots Poorly-drawn cartoons inspired by actual spam subject lines- Fight SpamBots!
Resources on why spam is bad - Another method involves a little known meta tag. It is worth mentioning and ProjectHoneyPot.org ( a spam trap organization) suggests to include it at the top of every web page. It is the <meta name="no-email-collection" value="[link to your terms]">
Their web page that addresses this topic can be viewed here - MailMask.net has a section that discusses what the spambot of the future may be capable of doing.
Harvester Bots of the Future - Killersites.com Spam Blocker Coalition Spam Blocker