Disclosure of email addresses on web pages
Disclosure of email addresses on web sites can trigger the sending of large amount of spam to those addresses. Most spammers use automatic collection applications to harvest email addresses from web sites specifically for this purpose. In order to identify email addresses, these applications generally look at html source files for instances of “mailto:” or at symbols (i.e., @). A few simple steps can, therefore, be used to conceal email addresses from these applications when they must be disclosed on a web site, thus limiting the risk of exposure to large volumes of spam. These steps are described below.
- Disclosure as an image (complete or partial)
- Disclosure as double-byte characters (complete or partial)
- Disclosure with the @ symbol replaced
- Disclosure using HTML character entity references
Disclosure as an image (complete or partial)
Email addresses can be disclosed as images on web sites. As this eliminates the need for the source code to contain the actual address, harvesting by automatic programs is not a concern. Meanwhile, when email addresses for a number of people must be disclosed, an image could be used just for the common domain section. (For the purpose of the following explanation, we will use the address xxx@yyy.nagoya-u.ac.jp below.)
Method 1: Complete address as an image
<img src="mailaddress.png">
Address disclosed using Method 1
Method 2: Domain section as an image
xxx<img src="maildomain.png">
Address disclosed using Method 2
xxx
If actual text and the characters in the image look too different, either reduce the size of the image or adjust using the <img> tag’s attributes or using the <table> tag.
Disclosure as double-byte characters (complete or partial)
Email addresses can be disclosed either completely or partially as double-byte characters. Automatic harvesting programs cannot identify email addresses in double-byte characters as easily, and even if they are collected, they cannot be directly copied into email software.
For the same reason, however, double-byte email addresses cannot be used with "mailto:". (For the purpose of the following explanation, we will use the address xxx@yyy.nagoya-u.ac.jp below.)
Method 1: Address completely in double-byte characters
xxx@yyy.nagoya-u.ac.jp
Please note that this email address is in double-byte characters. You will need to rewrite it in single-byte characters in order to send email.
Method 2: Double characters used for @ only
xxx@yyy.nagoya-u.ac.jp
Please replace the double-byte @ with its single-byte equivalent.
Disclosure with the @ symbol replaced
Email addresses can be disclosed with @ (the at symbol) replaced with different characters. Automatic harvesting programs will not identify email addresses presented in this way. For the same reason, however, double-byte email addresses cannot be used with "mailto:". (For the purpose of the following explanation, we will use the address xxx@yyy.nagoya-u.ac.jp below.)
Method 1:
xxx(at)yyy.nagoya-u.ac.jp
Please replace (at) with @, the at symbol.
Method 2:
xxx__at__yyy.nagoya-u.ac.jp
Please replace at with @, the at symbol.
Method 3:
xxx($)yyy.nagoya-u.ac.jp
Please replace ($) with @, the at symbol.
Method 4:
xxx # yyy.nagoya-u.ac.jp
Please remove spaces and replace # with @, the at symbol.
Disclosure using HTML character entity references
For example, the special character <, which will not be displayed on web pages if entered as is into the HTML source code, can be denoted as "<" using character entity references. This does not apply only to special characters, and any alphanumeric can be represented using this method. Automatic harvesting programs cannot easily identify email addresses in this format, and as an added advantage, they can be used directly with "mailto:".
The following links will take you to a web site for converting characters into their HTML character entity references.
Make HTML Entities version English 1.0 (conversion site)
Conversion case study
For the purpose of the following explanation, we will use the address xxx@yyy.nagoya-u.ac.jp below.
Using the conversion site identified above, the entry "mailto: xxx@yyy.nagoya-u.ac.jp" is converted into decimal HTML character entity references as follows.
mailto:xxx@yyy.nagoya-u.jp
To insert this into your HTML source, simply use it to replace "mailto: xxx@yyy.nagoya-u.ac.jp". The following shows an example of this.
Pre-conversion
<a href="mailto: xxx@yyy.nagoya-u.ac.jp">Email address</a>
Post-conversion
<a href="mailto:xxx@yyy.nagoya-u.jp">Email address</a>
Web-site appearance of post-conversion text
In this case, the browser simply shows "Email address"; however, if you would prefer to show the actual email address, you could use HTML character entity references to do so, or you could combine this method with one of the other above-mentioned solutions (i.e., disclosure as an image or double-byte characters.
