Skip to main content

Hide your email address on websites from spam

E-mail addresses in your blog or webpage are no secret to spam robots. Here's a guide that should help you protect your email addresses from these spam spiders. Techniques mentioned use text manipulation, Masking, HTML, Flash, CSS, Javascript, etc to hide email.

Email harvesters are the most unwanted visitors on any website. These email spambots crawl the web via search engines to find and extract email addresses from webpages. Chat rooms are virtual magnets for email harvesting software. Email harvesters also scan public areas of the web like internet newsgroups, listserv and forums, blog comments area, "Contact Us" webpages, mailing list archives and guest books. To fool email spammers, let's see how spambots search for email addresses embedded in web pages.

See updated guide: How to Hide Email Address on Websites

How email spammers operate?
Email addresses always contain an @ symbol. Most spambots do a pattern-search for likely combinations of letters ( like or in the HTML source of webpages. Often they just search for the @ character and grab all the letters on each side on the assumption that it's a valid email address.

How to keep your email address available to humans but invisible to email spiders?
There are tons of Email Address Protector software that claim to protect your email address in web pages and get rid of junk mail - Don't waste your money, they only encode your email or generate a javascript snippet. We will discuss manual email encoding techniques here. If a visitor clicks an encryped email link on your website, it will work as normal, but spam robots will not be able to extract the address from the link.

Replace the AT (@) and DOT (.) symbols:
The most common approach to block email harvesting is to remove the @ symbol. If you eliminate the @ from email addresses then most spambots won't be able to recognize that the text is actually an email addresses: Here are some examples:

a.p.agarwaal AT gmail DOT com
a.p.agarwaal (at)

Mask your email with tags, append meaningful words:
Consider "masking" your email address. Masking involves putting a word or phrase in your email address so that it will trick a harvesting computer program, but not a person. Some email masking examples commonly employed by newsgroups and mailing list subscribers:

Also known as email address munging - changing your real e-mail address in a way that will make it unavailable for harvesting.

Replace text with an image:
This technique involves creating a graphic or screen capture of your email address text in jpg, png or gif formats and display that picture instead of the actual address string. Robots and spiders can't read the text that is embedded in the image. Anyone who wants to email you will have to manually type in your address though.

Email Obfuscators
E-mail Obfuscator make you email less vulnerable to spammers. Using an online email Obfuscator, convert (or disguise) individual characters of your email address into corresponding ASCII code (a <=> &#x61; hex coding) For example, the email address is represented in ASCII as:
The above ASCII string can be used as argument for mailto: protocol as shown here. Email addresses will appear perfectly normal, and will even be clickable, to human visitors to your website.
<a href="mailto:ASCII_STRING">e-mail to confuse sniffer ASCII_STRING </a>

Encode the mailto: and @ symbols with special HTML characters Encode the mailto: and @ characters with this code:
mailto: changes to &#109;&#097;&#105;&#108;&#116;&#111;
@ changes to &#064;

The email link HTML code to hide your email address will look like:
<a href = "&#109;&#097;&#105;&#108;&#116;&#111;name&#064;" >hidden email</a>

Hide email using CSS trick (direction property)
Scramble the email - While coding HTML, jumble and write the email address in reverse direction. ( should be written as moc.b@a). We can then use CSS stylesheet to reverse the email address againwhen rendering. Here's the sample HTML code with CSS.
<style type="text/css"> .backwards {unicode-bidi:bidi-override; direction: rtl;} </style>
<span class="backwards">moc.b@a</span>

If someone copies your email address, it will available in the reverse direction. Would not work on older browsers.

Use Macromedia Flash
You can easily create a tiny.swf file in Flash with embedded mailto: behaviour. The button action used to pick up the text held in the variables is:
on (release){ getURL ("mailto:" +recipient+ "?cc=" + cc + "&subject=" + subject + "&body=" +body) }
Requires Macromedia Flash player on client's machine.

How to hide your email address from spammers with JavaScript

Let's look at more advanced methods that use javascipt to hide the email ( Remember to use noscript tags since some users prefer to disable javascript in browsers:

1. Basic Email Script

<script language=JavaScript>
document.write("name" + "@" + "");
//--> </script>

2. Basic Mailto: Email Script with Link Text
<script language=JavaScript>
var user = "name";
var host = "";
var link = user + "@" + host;
document.write("<a hre" + "f=ma" + "ilto:" + user + "@" + host + ">" + link + "</a>");
//--> </script>

3. Inline JavaScript
<a href="#" onclick="JavaScript:window.location='mailto:'+'name'+'@'+'domain'+'.com'" >Send me an email</a>

4. External JavaScript file
<script language="JavaScript" src="email-encoding.js"></script>
The external javascript contains the code mentioned in 2 above.

The best method to hide Email Address From WebBots
No one likes unsolicited email. Encoding email addresses on your web site reduces the risk of spam but they are not foolproof methods. The best option is to replace your entire contact mechanism with a contact form and using the POST method while submitting the form.

Or maintain two e-mail addresses: one you give only to trusted people, the other you expect to get spammed.

Popular posts from this blog

How to Download Contacts from Facebook To Outlook Address Book

Facebook users are not too pleased with the "walled garden" approach of Facebook. The reason is simple - while you can easily import your Outlook address book and GMail contacts into Facebook, the reverse path is closed. There's no "official" way to export your Facebook friends email addresses or contact phone numbers out as a CSV file so that you can sync the contacts data with Outlook, GMail or your BlackBerry. Some third-party Facebook hacks like "Facebook Sync" (for Mac) and "Facebook Downloader" (for Windows) did allow you to download your Facebook friends' names, emails, mobile phone number and profile photo to the desktop but they were quickly removed for violation of Facebook Terms of Use. How to Download Contacts from Facebook There are still some options to take Friends data outside the walls of Facebook wall. Facebook offers the Takeout option allowing you to download all Facebook data locally to the disk (include

Digital Inspiration

Digital Inspiration is a popular tech blog by  Amit Agarwal . Our popular Google Scripts include  Gmail Mail Merge  (send personalized emails with Gmail ),  Document Studio (generate PDFs from Google Forms ) and   File Upload Forms ( receive files  in Google Drive). Also see  Reverse Image Mobile Search , Online Speech Recognition and Website Screenshots , the most useful websites on the Internet.

PhishTank Detects Phishing Websites by Digg Style Voting

OpenDNS, a free service that helps anyone surf the Internet faster with a simple DNS tweak , will announce PhishTank today. PhishTank is a free public database of phishing URLs where anyone can submit their phishes via email or through the website. The submissions are verified by the other community members who then vote for the suspected site. This is such a neat idea as sites can be categorized just based on user feedback without even having to manually verify each and every submission. PhishTank employs the "feedback loop" mechanism where users will be kept updated with the status' of the phish they submit either via email alerts or a personal RSS feed . Naturally, once the PhishTank databases grows, other sites can harness the data using open APIs which will remain free. OpenDNS would also use this data to improve their existing phishing detection algorithms which are already very impressive and efficient. PhishTank | PhishTank Blog [Thanks Allison] Related: Google