On my first commercial website, crazyformsdll.com, I put my customer service email address on a bitmap instead of using a click-able link. I did this because I was terrified that some email bot spam engine was going to cruise past my website and pick up the address for spam purposes, and I really did not want my customerservice address to start collecting spam, since that's not something that can be fixed once it starts.

I am now launching my second product, which is a game, and I wonder if I should just use a clickable link on the new site, just to make things a tad easier on the customer. Do you guys put your email addys right on your website? Do you have problems with spam buildup?

I put the email address on my site when I first set it up, and now I'm starting to get tons of spams, and I haven't even released anything yet! I'm going to change it to bitmap soon.

:(

Years ago on our BeachWare site I had a bunch of clickable links. The spam bots collected all the addressses, and even interpolated a few new ones and they made thier way to all the spam lists. We ended up getting about 1,000 spam emails a day on some addresses. :( I then switched over to an image strategy and it has been working fine. Has anyone written anything that hides the email address from spam bots, but still lets users click on a email button?

Tom

Has anyone written anything that hides the email address from spam bots, but still lets users click on a email button? There is some sort of Javascript snippet floating around the web, though I can't seem to find it at the moment. Wouldn't be hard to roll your own, though.

There is some sort of Javascript snippet floating around the web, though I can't seem to find it at the moment. Wouldn't be hard to roll your own, though.

I thought I'd contribute 5 secs of websearch for future forum users:
http://www.csarven.ca/hiding-email-addresses

Spammers are devious little devils so keep your email off your site. We always use input forms. Even so the spammers do all sorts of sleazy things to find out. Spambots will plug away at your email server trying to find good names, viruses will harvest email boxes on user machines, etc.

A simple solution should be enough to foil most filters. Here's what we do:

<SCRIPT type="text/javascript">
<!--
mail2 = 'port@';
mail4 = 'games';
mail1 = 'sup';
mail5 = '.com';
mail3 = 'grubby';
emailAdd=(mail1 + mail2 + mail3 + mail4 + mail5);
document.write('Or, if you prefer, you can email us at <a href="mailto:' + emailAdd + '">' + emailAdd + '</a><br><br>');
//-->
</script>
The spam crawler would have to be able to process JavaScript to steal that email address.

I would like to echo what Brian said. A form is ideal, and while forms can still be abused by spammers, it's impossible for them to get your email address and blacklisting is relatively simple and painless.

Most of the suggestions in Gilzu's link are horrible advice. If you believe for one second that spam bots don't try to convert "DOT" to "." and "AT" to "@", you're kidding yourself. The same goes for most of the other suggestions. Be aware that regular expressions and Captcha readers are relatively common in email harvesting (and Javascript parsers, and Flash decompilers are soon to follow) and the only way to guarantee protection of your email address is to simply deny the user any access to it at all and only communicate with them on your terms. (Web forms.)

Ryan Clark's script is fine (I've often used a similar one), but you should show the email as image in the noscript block.

If you use a form be sure to prevent that bcc/cc injection, which allows anyone to send annoymous emails from your domain.

There are also a bunch of email prefixes which will receive spam by default. Those are (to my knowledge): info, webmaster, contact, sales, accounting and admin. Just dont use em.

I route all my email through gmail and then back to my isp, this catches most of my spam, of which I get about 300 a day. I still get about 8 a day, which client-side subject filters catch most of.
I've had the same domain name since 1997 so spam is inevitable. It does drive me mad that some idiots still do it though. Whatever the punishment for spamming is, it's not even close to what it should be.