Cristina's How Hide my Email Address ?

Please note : Every link on this page opens in a new window. If your "Pop-up killer" is too efficient it can also stop new windows. When this happens, please press "Ctrl" and click on the link you want.

Why Hide my e-mail Address?

When you publish your web pages you need to include your email address in one form or another on every page. Maybe a visitor want to clarify some matter or have some question for you. A web page without the owner's / webmaster's email address gives an unreliable impression - like you would be hiding.

If you write the e-mail address in your code as regular HTML, i.e.:

mailto:your_name@domain.com
the spiders will pick it up and you start getting a hundred or more "dirty" advertising messages into your email box every week. Most of these you cannot stop except by blocking them.

Then again some messages can come repeatedly with different sender and you can block only a certain number of addresses. Once you start getting these, the best you can do is to simply delete them without opening them. If you open a message like that, the spider's "master" can get a notice and you will continue receiving a steady stream of nonsense messages. There are, for instance, messages with a transparent picture containing a worm that is activated as soon as the message is opened. See Cristina's Computer Viruses and Worms.

Even when such a message have an email address from where you can request to be deleted from the mailing list, very often it doesn't work, or on the contrary, it serves as confirmation that your email address is active.

Use Plain Text

The spiders are programs like those used by search engine spiders and robots. The spamming spiders, however, look only for certain few symbols: "mailto:", "@", and may be something followed by ".com" or something similar.

The easiest way is, of course, to change "@" and write in the text: "john_smith"at"yahoo.com". Then you add in the text: "Instead of "at" please type: @". Some sophisticated spiders can be programmed to recognize this, so it's not completely secure, although this works in all browsers.

Use Different Symbols

A better method is to use keyboard symbols, i.e. you change in your code "mailto:" and "@" to the following:

code: mailto:john_smith@yahoo.com
equals: m a i l t o : @
The browser should display the full email address, but it depends on the computer using Western European characters. If your visitor uses different characters for a very different language with completely different keyboard, the result can be unpredictable and will probably not work. So this is not a viable option if you have visitors from all around the world.

See list of special characters or go to Felgall.

Use JavaScript

There are several Java Scripts available and they are one step safer, but still not completely safe, see for instance (again) Felgall. The disadvantage with this method is, it doesn't work when the visitor has disabled JavaScript in his/her browser. According to my own website traffic data about 6-7 % of my visitors are surfing with JavaScript switched off.

Use Encrypted Code

This is the safest method. The browser reads the encrypted code and produces a regular clickable email address (= a name ). The disadvantage is the same as above. The code is a self evaluating JavaScript so it requires a JavaScript enabled browser.

If you are redirected to the home page, scroll down until ---> "Enkoder" - on that page choose "Form" ( or "Mac" ). Fill in the form and copy the result on your Notepad. If you choose different "Subject" for each page, it's later easy to see from a query Subject line what page the person comes from.

Furthermore the encrypted code is considerably longer than plain JavaScript, which means added download time plus added display time as the processing in the browser takes slightly longer. This is not a new problem; read article by Dan Benjamin, "founder of automaticlabs / hivelogic".

Use an Email Form

If you have your own server or are using fully paid service you can use "Action=GET" and then it's not any email anymore in a strict sense as the form is returned directly to your server without any external email service provider.

If you use a free or very low cost server, you have to use "Action=POST", which means it involves regular email. You can expect the spiders to get smarter but at same time the file size of a spamming spider is restricted because everything must go very fast.

When you have a form coming directly into your server you a running an extra risk of viruses. Instead of a regular message may be somebody puts in a virus file instead and then your server gets infected.

Situation 2009 / 2010

The spamming spiders are developing same way as most software is developed and getting more sophisticated. At the end of 2007 most of the spamming spiders were reading and recording some of the elaborate code suggested above. Many can also read JavaScript and forms, i.e. they can pick out the email address from these codes.

Therefore you can often on the Internet see a "picture" with some characters you must fill in before submitting a form. Some spamming spiders are able to "read" very simple "character pictures" and can submit the form after adding the spam message in the form.

So it seems the only safe ( at this moment ) way to include your e-mail address on a webpage as an encrypted code, as suggested above. Once very many people start using this there will, however, be spiders that read this also. Hopefully not for some time yet.

Languages available:

( Arabic ),

( Chinese ), Deutsch, Español, Français, Icelandic, Italiano,

( Japanese ),

( Korean ), Nederlands, Português, Pycckий.