All email harvesters are automated software applications which roam the Internet. Like search engine robots, they travel around visiting web pages and gathering information to be stored in a database. Unlike search engines, email harvesters are only looking for email addresses. They are usually sent by spammers and any addresses they find are added to their spam database. Obviously this is a bad thing and you don’t want harvesters to find your address.Publishing an email address on a web page invites more spam. Protect your address by masking it from the email harvesters (spambots) used by spammers.

There are a number of ways to fend off harvesters, each with their pros and cons. Generally speaking, the easier methods to implement are the most difficult for your visitors to use (and vice versa).

his method is simple to follow but comes with the risk that real humans also might get confused and “de-mung” the address incorrectly. Spam bots are also getting better, so it is reasonable to assume that some can pick up variations of an email address. But along with the GIF signature, this remains the easiest one to apply in places like community boards.

Hide via ASCII

Each character can be mapped to a corresponding ASCII code. ASCII codes are translated by browsers into the readable character form, but it handicaps the spam bots as they fail to recognize the codes. You can use the HQ Secure Email Obfuscater to generate and AXCII coded email address. Though not 100% effective, it will eliminate up to 80% of harverters. Now your email will look like:

Use an Image Email Address

you at your domain dot com

The email address above is not text but a transparent GIF image created in a photo editor. It looks neater and spam bots cannot read it because it is an image file and using OCR is still a long way off. But using GIF email signatures has a couple of disadvantages – the recipient can miss the email ID if images are turned off in his browser. Also, a GIF email sign ideally should not be hyperlinked… so recipients will have to key in the ID themselves, and that’s a bit inconvenient.

Encode With JavaScript

<script type='text/javascript'>var a = new Array('','you@your');document.write("<a href='mailto:"+a[1]+a[0]+"'>"+a[1]+a[0]+"</a>");</script>

That’s ‘’ obscured with JavaScript and inserted into the HTML of a webpage. Spam bots don’t do a good job of reading JavaScript and can’t find the ID in the source code, but our usual browsers render it perfectly. Of course, you need to have it switched on to display the email signature correctly. There are many JavaScript generators available freely on the web that can generate the code for you. Copy the code into your HTML where you want the link to appear.

Use a Disposable Email Address

Disposable email addresses are also a neat solution. These onetime dummy email accounts can be used when giving out email addresses to websites. You can abandon them at will. We have covered quite a few web services which generate disposable email addresses. Suggest: Yahoo, Gmail, Outlook…

I also came across a service called Scrim which protects your email address by disguising it using a custom link. You can try it out.

Use Contact Forms

Secure email forms are the best and most professional way to protect email addresses while soliciting information. All professionally designed websites will have one. It is user-friendly as all the reader has to do is add information and click on submit. Email addresses aren’t displayed to the readers or spam bots. A further barrier of a CAPTCHA prevents auto-populating bots from attacking the system. Yes, the reader cannot use his favored email client to send messages but that’s a small inconvenience.


These five points cover the bare minimum we can do as individuals and also as web designers to protect email addresses from the scourge of email harvesters. There are a few more advanced techniques that go around like Spider Traps. Anti-spam methods are many and more are coming online as the spam battle evolves. Battle may be a little soft; all out war! How do you combat it at your level? Are you aware of email harvesters and the tricks they play?

Final Word

Never respond to a spam email.  Do not click their ‘unsubscribe’ link. It only confirms your identity and makes your email address more valuable to them.