This story is about
Why you don't want your email address just "hanging out there"

The solution to this dilemma is to protect email links by encrypting them.

The pre-spam way of doing it:

Normally you'd add an email address to a web page with a piece of HTML such as:

<a href="mailto:notme@fake.address9z.com">Mr notme</a>
    

This creates a mailto link, and when displayed in a web page looks like this:

                                                 Mr notme

When the site user clicks the link their mail program will pop up and launch a compose mail window, addressed to the target of the link, in this case notme@fake.address9z.com.

Unfortunately a spam harvester can easily read the email address within the HTML code, so this style of link should be AVOIDED!

One mediocre solution

A solution adopted by some sites is to nobble the email address in such a way that a spam harvester won't recognise it, but a human reader will. The normal way of doing this is to replace the "@" sign with some text, such as "-AT-":

<a href="mailto:notme-AT-fake.address9z.com">Mr notme</a>
    

When clicked, this will produce an email addressed to notme-AT-fake.address9z.com. There are two drawbacks to this system:

1. The user has to manually replace the "-AT-" with "@".
2. Some spam harvesters are already aware of this technique and can recognise and fix nobbled email addresses of this form.

So forget that one. It's history.

One, sort of complicated solution

All modern browsers have support for Javascript. This can be used to emit HTML into a web page in a way that makes it very difficult for automatic robots such as web harvesters to detect. Here's an example of this technique at work:

If you click this link, you will see a normal mail window open addressed to notme@fake.address9z.com - so the user does not have to do any editing of the email address. But, if you view the HTML source for this link, you'll get the following code:

<script>mail2("notme","fake.address9z",0,"","Mr notme")</script>
    

As you can see, there is nothing in this code which can be directly used by a spam harvester to reclaim the email address. So, the spam harvesting problem is also solved, and it only cost you 400 hours @ $100 per hour to have the code written by a programmer.  How do I implement this Javascript solution? -
go to http://www.bronze-age.com/nospam/

Here's the Crestone Creations solution

Encryption. Make the whole thing difficult to recognize without time spent decrypting. Well, didn't we just make it much more difficult than any mindless, soulless, scourge of the internet Spam Harvester is willing to deal with. Basically, instead of

<a href="mailto:notme@fake.address9z.com">Mr notme</a>

the code would look like this:

<script type="text/javascript">
/*<![CDATA[*/

<!-- Encrypted version of: notme [at] ****.*********.*** //-->

var emailriddlerarray=[110,111,116,109,101,64,102,97,107,101,46,97,100,100,114,101,115,115,57,122,46,99,111,109]
var encryptedemail_id68='' //variable to contain encrypted email
for (var i=0; i<emailriddlerarray.length; i++)
encryptedemail_id68+=String.fromCharCode(emailriddlerarray[i])

document.write('<a href="mailto:'+encryptedemail_id68+'?subject=Email Test">notme@fake.address9z.com</a>')

/*]]>*/
</script>

ok, so send me an email at the code given above - haha - can't do it can you? No way no how mr. spam harvester.
But if you want to see it in use, check out our contact page - the code behind our email address is like the code above ...

Want it? - contact us- we'll set it up on your site.

More Information

For more information on spam harvesters and email links, try these pages:

http://west-penwith.org.uk/misc/spam.htm

http://www.turnstep.com/Spambot/

http://www.siteware.ch/webresources/useragents/collectors/