Blog

Hiding Email Addresses from Spambots

Below are sites, systems and code showing different ways to hide email addresses in markup (HTML) from the automated robots that capture an email address from a Web page to use or sell to spammers.

Add your favorite methods or opinions by scrolling down the page to Add Your Comment.

1. From Anet Dunne:
This is how I have been hiding Email addresses for several years. It validates XHTML Strict

(The name Anet is a link that when clicked on will open a new email message in your email program and display the entire email address.)
To see code, go to: http://HeresMine.com and View Source in the browser to see the code above the dotted line.
 
2. From Bruce Philpott:
At North Bay Internet Society this evening, we were discussing hiding email
addresses from spambots.
 
Here's a solution I copied from someplace (with permission):
<script language=javascript>
<!--
var contact = "bp&#64;brucephilpott.com"
var email = "bp"
var emailHost = "brucephilpott.com"
document.write("email: <a href=" + "mail" + "to:" + email + "@" + 
emailHost+ ">"
+ contact + "</a>")
//-->
</script>
 
The changeable items above are:
var contact = "bp&#64;brucephilpott.com"     [your email address]
var email = "bp"    [your email name]
var emailHost = "brucephilpott.com"  [your domain]
 
3. From Abby Krumel:
Here is what I've tried. It has worked so far, and I'm not hearing any complaints from the client lately.

This is the basic code on the page.
<p>Send an email to <a href="mailto:nospam@domain.com">Jane Smith</a></p>

This is the forwarder in the web host cpanel:
nospam@domain.com to jsmith@sonic.net

My plan is to change the the mailto name whenever the spam levels rise again. Then delete the forwarder, and add a new one for the new name.

4. From Janet Zagoria:
The Enkoder Form (Hivelogic)
http://hivelogic.com/enkoder/form

Directions for The Basic Form
Examples what to fill in the fields:

Email address
janet@aol.com

The email address to enkode (e.g. you@example.com)

Link text
janet@aol.com

Text people will see on the page (e.g. "Email me")

Link title text

Email Janet

Seen when mousing-over the link (e.g. "Click to email me")

Email subject (optional)
From My Home Page

An optional subject line for the email

When the Submit button is clicked, the above produces the below code (script). This script is inserted into the same spot where your mailto would go. You can use span tags around it if that is your CSS system.

<script type="text/javascript">
//<![CDATA[
<!--
var x="function f(x){var i,o=\"\",ol=x.length,l=ol;while(x.charCodeAt(l/13)!" +
"=50){try{x+=x;l+=l;}catch(e){}}for(i=l-1;i>=0;i--){o+=x.charAt(i);}return o" +
".substr(0,ol);}f(\")79,\\\"700\\\\310\\\\100\\\\020\\\\230\\\\t\\\\W230\\\\" +
"010\\\\^]R630\\\\CALl_OGIM030\\\\700\\\\xVEp}P8z}s}K.V5chvit\\\\[[+020\\\\4" +
"20\\\\020\\\\?M610\\\\400\\\\010\\\\-C030\\\\220\\\\}66%320\\\\n%,(!+26|,P^" +
"520\\\\UXTsEJCJC530\\\\JWMv|v;K(ut}e+h;'+o220\\\\130\\\\610\\\\120\\\\400\\" +
"\\300\\\\\\\\\\\\400\\\\000\\\\t\\\\700\\\\530\\\\500\\\\310\\\\600\\\\\\\"" +
"(f};o nruter};))++y(^)i(tAedoCrahc.x(edoCrahCmorf.gnirtS=+o;721=%y;++y)79<i" +
"(fi{)++i;l<i;0=i(rof;htgnel.x=l,\\\"\\\"=o,i rav{)y,x(f noitcnuf\")" ;
while(x=eval(x));
//-->
//]]>
</script>

Another method, although not nearly as good, is an:
Email Address Obfuscators
http://www.albionresearch.com/misc/obfuscator.php
http://www.wbwip.com/wbw/emailencoder.html

These use HTML entities. (Google this term if you need to see the list.) Each character has an equivalent entity but the obfuscator does not turn all letters into their entities. Even if it did it would not make it any more powerful.
janet@aol.com produces:
<a href='&#109;a&#105;l&#116;o&#58;jan&#101;t&#64;%&#54;1ol&#46;%&#54;3&#37;6Fm'>jane&#116;&#64;aol&#46;&#99;om</a>

You can figure this out on your own if you have the list of entities but it takes forever to do.

If you want a Captcha method, you can go to:
Captcha code creator, PHP captcha script
http://www.captchacreator.com


Add Your Comments

(not published)

Reader Comments

2 comments

How the NYTimes hides E-mail addresses

From: Anet Dunne, 10/28/10

I am looking for ideas on hiding Email addresses because I believe SPAMbots can now execute my javascript and capture my mailto address. I was stunned to see that the NYTimes offered a link to send an E-mail to a top reporter. Here's what the link yielded. Any ideas what they are doing? It opens a new tab with the reporter's name filled in. javascript:document.emailUsReporter.submit()

Re: How the NYTimes hides E-mail addresses

From: Janet Zagoria, 10/30/10

Anet- I looked on the NY Times site and did not see this. The email addresses went to a form with nothing filed in. Do you have to be logged in to see what you are describing? What is the page URL and the reporter's name where it is linked to the action you described?