Protecting Email Address Links from Website Scrapers

Spam Mail

Spam mail is an unfortunate fact of life. The more things we sign up for, the more our addresses get sold as marketing lists. There is one area where we can try and minimise the collection of email addresses though and that is when pasting them on a website.

These days, content management systems such as Joomla automatically protect email addresses by obfuscation (or - making something harder to understand). They do this by breaking up the email address into parts and then putting it back together using javascript. This generally works on the assumption that scrapers do not have javascript enabled. Unfortunately spammers tend to be quite savvy coders and usually find a work around for most things. So how can we protect a standard website?

That was the question I asked myself when I started putting this site together. Part of it is Joomla, part is standard php pages, some Joomla pages call standard php files. So what to do?

My first instinct was to Google the problem, but the methods that turned up left quite a lot to be desired. Some even required that javascript be enabled in order to obfuscate the address in the first place.

My reasoning basically went along these lines. Make the link empty. Only add the email address when the user interacts with the link. That way, anything scanning the page will see nothing, a user who wants to click on the link will get the email address.

So my link looks like this:

<a href="#" class="emailMe">link text</a>

I then use javascript to insert the link when it is hovered over like this:

//hide my email until hover
$('a.emailMe').hover(
function(){
$('a.emailMe').attr("href", "mailto:my@address.co?subject=Mail&;nbsp;from&nbsp;Website");
},function(){
$('a.emailMe').attr("href", "#");
});

This is obviously only going to work with 1 email address and you don't want to be writing a new function for each address, but with a little bit of thought it is not hard to expand the usage for multiple addresses.

So far, not 1 spam email. I hope publishing this doesn't change that.