Defeating the Spambots!
or
How to hide your email address using remote JavaScript

Here's how to use the "hideemail" JavaScript to protect your Email address from spambots (aka Email Address Harvesting Robots).

One way spammers get your email address is with programs written to extract addresses from web pages. These "robots" or "spambots", as they are called, look for links in the body of web pages, or "strings" of text around the "@" symbol (typically those that follow the form "something + @ + something +.three letter extension"). So even if you don't have this coded as an active link (just the text of the email address) the robot can still obtain your address based on the "@" character. The only sure-fire way to protect your email address from spammer lists created in this way is keep your email address off web pages. But what if you want or need to have people send you email?

One method, is to use a "form" to submit emails via your site, but an easier way is to use the "Hideemail" JavaScript outlined below. The trick to this JavaScript is simple: they make it appear that there is no useful information following the "mailto" or on either side of the "@" character. There is nothing for the spambots to read, however, your visitors can still see the link, and if they click on the link, the JavaScript reassembles the code so that it works. The only downside is that any visitor without JavaScript enabled will not be able to read or link to an Email address posted with this script.

Hideemail lets you put your address on the page using JavaScript's document.write method. With this, your user's browser displays your email link just like it would if you had coded it with standard HTML. The difference is, that you can do this without putting the string that includes your email address in the code. This means spambots find nothing, and you stay clear of spam (at least from this method of harvesting). You can look at an example of this works on the "Controlled Vocabulary" site on the contact page. If you are only dealing with one page on your website, you may just want to use the code without storing it as a "remote" JavaScript (.js file). However, if you wish to display more than one email address on the page, or you want to have your email address on multiple pages, the following method will give you the same result, and keep you from adding several "k" to each page.

It's a fairly painless, four-step process:

• Copy the hideemail.js script below, into Notepad or Simpletext, and save as "hideemail.js"
• Upload to the root directory of your site
• Make a "call" to the hideemail.js script from your web page
• Activate the hideemail function with the proper parameters explained below, in the place on the page where you want the email address to appear.

You need to save and upload the hideemail.js script to your web server. It's best to put it in your root directory so that it can be called conveniently from any page. The script takes three parameters, these are the the username, the domain name, and finally the display name.

Here is the script (cut and paste from the window below):

<!-- function hideemail(name, domain, display) { displayed=(typeof(display)=="undefined") ? name+"@"+domain : display document.write('<a href=mailto:' + name + '@' + domain + '>' + displayed + '</a>'); } // -->

Call the script from your page

On the web page that is going to be displaying the email address, you need to call this hideemail.js script. This is should be done within the <head> section of your code. Your call to the script will be similar to this:

<script src="/hideemail.js"></script>

Call the function and display the email link You can now safely display as many email addresses as you desire on your page. If you want to link a display name such as "Yourdisplayname" to an address such as yourname@yourdomain.com, you would do it like this:

<script>hideemail("yourname","yourdomain.com","yourdisplayname")</script>

If you wish to add a "subject" line to personalize the incoming message you can add it following the domain name. Keep in mind that you can't have "blank spaces" if you use more than one word. The "non-breaking space" tag or the underscore character can be used.* These would replace the second variable in the paratheses in the script above so they would read:

"yourdomain.com?subject=Your message here" (including the quotes).

Or

"yourdomain.com?subject=Your_message_here" (including the quotes).

If you want to display the email address on the web page so it reads as yourname@yourdomain.com, a simpler call to the function will suffice:

<script>Hideemail("yourname","yourdomain.com")</script>

*Here's the only hitch I've found with coding in the subject line, and it would only affect those using multiple word subject lines. If you use the "non-breaking space" as I suggested above, this does work without a hitch on the windows platform, however, it doesn't work seamlessly on the mac side of the equation. From MSIE 5, you'll probably get something that looks like "YourÝmessageÝhere" and if from Netscape 4.7, something like "Yourmessagehere." The simplest way to avoid this, if you are using these subject lines to sort your mail, is to use the "underscore" (_)character instead of a space. Then you'll get the same result on either platform "Your_message_here." The following page on the Controlled Vocabulary site is coded using this JavaScript. Let me know if you have any problems using or reading the Controlled Vocabulary email link.