Publishing an email address on a web page invites more spam. Protect your address by masking it from the email harvesters (spambots) used by spammers. This article tests 50 masking methods against 23 harvesters to see which methods work to stop spammers, and which do not.
Legitimate web site visitors are there to read your content, but spammers only visit to run email harvesters (spambots) that scan your web pages for email addresses. To protect your addresses, and avoid wasting network bandwidth talking to spammers, change your web server configuration to block spammer access. Blacklist spammer IP addresses, block access from known harvester spiders, or require visitors to log in. Some of the methods tested in this article were successful at blocking email harvesters.
Spammers use email harvesters (spambots) to scan the text of your web pages looking for email addresses. Protect those addresses by replacing the text address with an image or Flash animation that draws the email address. None of the harvesters tested in this article could read addresses drawn with images or Flash.
A plain email address on a web page is easily found by the email harvesters (spambots) used by spammers. To make it harder to find, split the address into pieces. Separate the pieces with HTML tags or spaces, insert the word “nospam”, replace the “@” with “at”, or put the pieces on separate lines or in separate table cells. The harvester tests reported in this article show that many of these methods work well to stop harvesters.
A spammer’s email harvester is a web spider that crawls through the pages of your site looking for email addresses. To protect your addresses, hide the pages that contain them. Use a
robots.txt file or
<meta> tags to stop well-behaved harvesters (are there any?), and hidden links, redirects, forms, and frames to try to stop the rest. The email harvesters tested in this article were stopped by some of these tricks, but not by others.
The email harvesters (spambots) used by spammers scan your web pages looking for email addresses to add to their spam mailing lists. Obfuscating an address obscures or scrambles its characters, making it harder for a harvester to recognize. The most common method replaces characters with their numeric ASCII character code equivalents. Browsers automatically unobfuscate the address so that site visitors can read it. While this is a popular method to protect an email address, the harvester tests reported in this article show that newer harvesters now recognize many of these addresses.
Instead of publishing your email address to a web page, where it can be harvested by spammers, provide a contact form. Filling out the form sends you email without showing your email address to the site visitor (or spammer). To block automated programs from filling out the form, add a CAPTCHA challenge to detect human visitors. Site visitors will still be able to contact you, but spammers will be blocked.