Making email addresses safe from bots on a webpage?

Question

When placing email addresses on a webpage do you place them as text like this:

joe.somebody@company.com

or use a clever trick to try and fo

Answer 1

I wouldn't bother -- it is fighting the SPAM war at the wrong level. Particularly for company web sites I think it makes things look very unprofessional if you have anything other than the straight text on the page with a mailto hyperlink.

There is so much spam flying around that you need good filtering anyway, and any bot is going end up understanding all the common tricks anyway.

Answer 2

I generally don't bother. I used to be on a mailing list that got several thousand spams every day. Our spam filter (spamassassin) let maybe 1 or 2 a day through. With filters this good, why make it difficult for legitimate people to contact you?

Answer 3

Invent your own crazy email address obfuscation scheme. Doesn't matter what it is, really, as long as it's not too similar to any of the commonly known methods.

The problem is that there really isn't a good solution to this, they're all either relatively simple to bypass, or rather irritating for the user. If any one method becomes prevalent, then someone will find a way around it.

So rather than looking for the One True email address obfuscation technique, come up with your own. Count on the fact that these bot authors don't care enough about your site to sit around writing a thing to bypass your slightly crazy rendering-text-with-css-and-element-borders or your completely bizarre, easily-cracked javascript encryption. It doesn't matter if it's trivial, nobody will bother trying to bypass it just so they can spam you.

Answer 4

It depends on what exactly your needs are. For most sites with which I work, I have found it far more useful to put in a "contact me/us" form which sends an email from the system to whomever needs to be contacted. I know that this isn't exactly the solution that you are seeking but it does completely protect against harvesting and so far I have never seen spam sent through a form like that. It will happen but it is very rare and you are never harvested.

This also gives you a chance to log the messages before sending them giving you an extra level of protection against losing a contact, if you so desire.

Answer 5

The only safest way is of course not to put the email address onto web page in the first place.

Answer 6

I just coded the following. Don't know if it's good but it's better then just writing the email in plain text. Many robots will be fooled but not all of them.

<script type="text/javascript">
    $(function () {
        setTimeout(function () {
            var m = ['com', '.', 'domain', '@', 'info', ':', 'mailto'].reverse().join('');

            /* Set the contact email url for each "contact us" links.*/
            $('.contactUsLink').prop("href", m);
        }, 200);
    });
</script>

If the robot solve this then there's no need to add more "simple logic" code like "if (1 == 1 ? '@' : '')" or adding the array elements in another order since the robot just evals the code anyway.