What is Website “Email Address Harvesting”, and How Can I Prevent It?

The Internet Patrol default featured image
Share the knowledge


Dear Internet Patrol,

[Website maintenance provided by Usestrict and we love them!]

What is website “email address harvesting”, and how can I prevent it?

Signed,

Ima Webmaster

The Internet Patrol is completely free, and we don't subject you to ads or annoying video pop-ups. But it does cost us out of our pocket to keep the site going (going on 20 years now!) So your tips via CashApp, Venmo, or Paypal are VERY appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

Dear Ima,

The term “email address harvesting”, in this context, refers to the unsavoury practice of finding and copying email addresses from the pages of websites. You know all of those lovely “contact us” webpages which everyone has? Well, spammers just love to pick those tasty little ripe email addresses from the orchard of your website.

The CAN-SPAM act of 2003 makes it illegal to send spam to email addresses which have been harvested, and provides for enhanced sentencing (would you like fries with that?) for a spamming defendant who is found guilty of address harvesting.

But that’s not going to stop it from happening.

So here are a few tips, dear Ima, which will allow users to contact you through your website, while not allowing your email address to fall into the wrong hands:

1. Employ the use of javascript to create your email address ad hoc when user runs the script in order to submit mail to you.

2. Use some form of mailform (cgi, php, etc.), but be wary of versions which have security issues.

3. Provide an html form through which users can contact you, as an alternative to email.

4. Alter your email address on your website to make it unreadable by machines, such as substituting the word “at” for “@”, adding a character string to the email address which you instruct the user to remove, or writing it in Klingon with a pointer to an online Klingon dictionary.

5. Display the email address as a graphic, rather than text.

These are just a few of the ways that you can thwart email address harvesters, while still posting your email address in public, and enabling people to contact you at your email address.

The Internet Patrol is completely free, and we don't subject you to ads or annoying video pop-ups. But it does cost us out of our pocket to keep the site going (going on 20 years now!) So your tips via CashApp, Venmo, or Paypal are appreciated!
Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

Get New Internet Patrol Articles by Email!


Share the knowledge

6 thoughts on “What is Website “Email Address Harvesting”, and How Can I Prevent It?

  1. I know this article was written several years ago but a trick I use is to do borderless tables, three of them, |username|@|host.tld

  2. You could always use, as the alt tag, something that might not be picked up so easily by spammers but would still be easy to convert to an e-mail address — i.e., by writing it out as “cody at zone 38 dot net” or something like that.

  3. If you’re interested in a PHP script to do this, go on over to www.stevedawson.com. There is no direct link to his script, but click on the Free Scripts link, then scroll down the page to where it says PHP Contact Me. Configuration instructions are easy, and no knowledge of PHP is required to set it up.

  4. Doesn’t that defeat the object of obfuscating the email address ? Any harvester should pick up on the email address …

  5. This is true, but you can include an alt to the img tag (ex: img scr=”emailgrfx.gif” width=”123″ height=”123″ alt=”mymail@emailaddress.org”>)

    The reader should pick up in the alt text and read it aloud. You can also use it to make the comment “click here to send e-mail to ………..”.

  6. One problem with displaying the e-mail address as a graphic rather than as text: not so good for users who are blind or dyslexic or who can only access a text-based terminal…

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.