Prevent Email Harvesting

Not open for further replies.
Just wondering how people are masking their email addresses on their websites to prevent email harvesting.

I know one old technique was to use the "contact AT domain DOT com" but that looks ugly as sin for my liking

Any alternatives?


Staff member
Try the following:

$domain = "";    if ($email) {
      header ("Location:mailto:$email@$domain");
    else {
      echo "No Email was present...";
The address you then use is
<a href="nospam.php?email=sales">email us</a>
which would convert it into sales@


New Member
Nice, thanks Michele.

How effective do people find these measures?

Is it a battle worth fighting?

Should the email address be printed on the site plainly for people to make a note of, or copy and paste...?

Do people use coding measures to print them out... is that worth it?

Etc etc... ;) Seriously though, very curious. I usually just put the email up there plain old fashioned seeing as you're going to be fighting spam at various levels elsewhere anyhoo...


Staff member

It depends a lot on your situation.

If you have other filters in place and you don't mind them being hit with junk you can publish your address with an "old-fashioned" mailto link..

I've seen quite a few implementations over the last few years involving javascript and other techniques, but it all comes back to two basic things:
  1. Allowing people to contact you easily
  2. Stopping spammers from clogging your inbox
You should never let the spammers take control!

If you put too many barriers in the way "Joe Soap" won't bother "jumping through hoops" in order to contact you. Why would they?

At the same time, if you are aware of how spammers garner addresses then it can help to combat the problem.

If you want to experiment a little try the following:

  • Create two new aliases (email addresses)
  • Publish one with a mailto link somewhere prominent ie. in your website's footer
  • Publish the other using the method I suggested
  • Wait a few weeks to see which one gets the most spam :D
frankp said:
Do people use coding measures to print them out... is that worth it?
If you mean Javascript, that's dangerous. Google is apparently becoming a little cautious of websites with lots of Javascript-generated text - as well they might. It's a good way to fool AdSense and so forth.
Not open for further replies.
Award-winning Mac antivirus and Internet security software