Masking Your Email Address

This was originally written in May 2002. It was updated in February 2007 and April 2014.

Some of you are probably aware of spiders. They are these little programs that surf the internet looking for data. Some spiders assist search engines in helping you find the web page you are looking for. Those are the good spiders. There also exists evil spiders. They jump from web page to web page looking for email addresses. Once they find one, they send it to a database so someone can send you junk email. Not cool.

Hiding In Plain Sight

What we need is a way to display an email address so the reader of a web page can communicate with the web site, yet we also need to hide the address from the spider. The reader and the spider are looking at the same web page but at differently levels. The reader is looking at the browser’s rendering of HTML. The spider is looking at raw HTML.

Three ideas come to mind: ASCII codes, server-side mail forms and images. ASCII codes and images will look like email addresses on the screen, but nothing like an email address in the source code of the HTML document.

Aquarius Spam Tin Lunch Box
Aquarius Spam Tin Lunch Box

Method 1: ASCII

In HTML when you place “&#” in front of the ASCII code of a character the browser will write the character not the ASCII code to the screen. The reader will see the real character and the spider will see the ASCII codes. The ASCII codes won’t look like an email address, so the spiders won’t notice.

Examples:

  • A  will render as an uppercase A.
  • b  will render as a lowercase b

The function below accepts an email address as a parameter and returns a masked email address that is made up of ASCII codes. When the browser writes the codes to the screen it will get converted back to text. Although it’s possible for a spider to read and convert ASCII codes inside the HTML source, it’s probably not that prevalent. The function goes character by character converting the email address. The last step is to merge the masked email address with the HTML mailto: tag. In order to minimize the chances a clever spider might look for the mailto:, this example masks that word as well.

maskEmail

Then you can call that VBScript function from inside an ASP page. For more information email me at <%= maskEmail(“someEmail@someDomain.net”) %>. The above function should be easy enough to convert into your language of choice.

For those that don’t want to add any code, but are comfortable with HTML, I created a tool to help you.

Mask Email ASCII Generator

Method 2: Server-side Mail Forms

These are the contact forms you see everywhere these days. The user fills out a form, clicks submit, and hopes it gets to somebody. This is great for the recipient, because their email address never appears on the site. However, some users don’t trust filling out a form and will withhold feedback.

Recently I was trying to open a new account with eFax.com. Their order entry page was down so I filled out a form alerting them to the problem. After detailing the problem the form rejected because I didn’t already have an account with them. They didn’t have a direct email address listed anywhere else, so I became a customer of one of their competitors.

Method 3: Images

Another option is to create an image of our email address. I created a tool to help you build your own.

Mask Email Image Generator (Email Obfuscator)

Method 4: Chopped Javascript

Now that you have an email image or icon, you may want to assist the users so they click on an email address image it behaves as if it were a hypertext link. This means having their email client launched with the TO line filled out for them. In order for this to happen with the email image, we need to hack out a chopped Javascript function. There are many possible ways to write it.

In this example I wrote a function that accepts an email address into 3 parts  I used the email address larrykind@cnn.com and split it into 3 parts. Where the splits happen is not important. The code reassembles the email and launches the email client. How you chop up the email address is up to you. Also feel free to change the sequence of the parameters.

function postage(one,two,three){     
window.location = 'mailto:'+one+two+three;}

2014 Update

I believe using the above tools over the past 12 years has greatly reduced the amount of SPAM I received. However, these days SPAM filters are much better, so the need for the above code may be fading. Your call.

ASP.NET Control

I created an ASP.NET control version as well, which is available on GitHub.

Comments

  1. Johan Linden says

    If you don’t need a static email address I would recommend MaskMe from the Abine. A very credible company and service. And the price is ZERO.

    I’m not affiliated.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Current ye@r *