Supported by :   My Law Forms Ltd. - Deed polls and Tenancy Agreements

Stop spam: Don’t use mailto links!

How can you add an email address link (mailto:) to a webpage but also reduce the risk of that email address being harvested by spammers?


An ideal method would be to use one of the many alternative contact form solutions available. If use of these options is not possible and it is important to display an email address with a mailto: link on a webpage, this tip will help obscure the email address from spam harvesters, whilst allowing the form to work normally.

help_NO_SPAM@xhtmltips.co.uk

Most solutions to publishing email addresses involve changing the address to something that is only humanly readable. For example:

help at xhtmltips dot co dot uk

Whilst it is possible to read this, and understand what the address might be, it does not provide a clickable link.

Most harvesting scripts are scanning for the essential email ‘at-symbol’ @ anywhere within a document. This tip simply replaces that character with the entity reference – @. The result is a link the browser can understand, but that will not match an email address pattern.

When you click this link, it should launch your favourite email client, in order to send a message to the address help@htmltips.co.uk

NB: this is far from a safe way to protect your email address from spammers. The only effective way to do this, is to not publish the address on a public webpage. It does however offer a ‘halfway-house’ solution which may help those using free website hosting solutions.

This format of the address will work in most browsers :

<a href="mailto:help@htmltips.co.uk">help@htmltips.co.uk</a>

This entry was posted on Tuesday, May 8th, 2007 at 4:57 pm and is filed under HTML help, XHTML tips. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

One Response to “Stop spam: Don’t use mailto links!”

  1. admin says:

    For clarity, the entity used in the above example is shown below with spaces between each character to prevent browser translation into the ‘at-symbol’. Simply remove the spaces to include in your own code.

    & # 6 4 ;