Security: Email Harvesting/Privacy
In this article, we will show you some best practice methods to help keep your email out of the hands of spam bots/email harvesters.
There are bots out there and are always on the lookout for email addresses so that they can be either used to send you spam, or so that they can sell your email address to the highest bidder.
Here are a few recommendations to help keep your email out of reach, while still being usable by your clients.
- 1) Never use “mailto” links in your code. This is almost always the first thing that bots look for in your website. If you must use mailto links, use an email address that you don’t “care” about. This will give you the option of changing it at a later date if you start to receive a lot of spam messages.
- 2) Avoid putting your email in plain text. For example, don’t list your email on the website in a normal format. If you must post it on a public website, try to obfuscate it in a way where a human could still read it, but bots can’t. For example, you could use “john AT example DOT com”. However, most decent bots are still able to read and capture this email address. Because of this be creative and change things up.
- 3) When possible, check the settings of any site you register for (including sites like Facebook, Twitter, Forums, etc.) and ensure that any email related privacy settings are configured in a way where your email is not publicly listed.
- 4) While there are some java script obfuscation out there, most bots are now able to see right through them. Because of this, we don’t recommend using any java script based obfuscators.
Below we are going to list some options that may be helpful to hide your email address.
- 1) Pictures/Images can be used in place of actual plan text. The only downside to this is the end user would have to type your email address rather than copying and pasting it into their email client.
- 2) reCAPTCHA is a tool that requires you to enter a code before you are allowed to read the email address. It is free and normally very easy to add to your website. For more information about this service, please click here.
- 3) The best way to keep your email private while still allowing people to contact you is an email contact form. These forms use php (or another web programming language) to allow a person to fill out a form on your website and then having the form contents sent to your email. Because all of this happens behind the scenes, your email is never exposed to the public until you reply to them.
If you have any questions, please feel free to reply below or you can contact our support team directly through Backstage.