email address on your website

This is something that people don’t seem to realise, and although I tell them over and over it seems to go ignored.


The reason is that spam bots crawl websites and gather email addresses, then place them into a list ready to spam.

People often ask me how to overcome this issue, I mainly use the following 3 methods:

  1. Add removable tags. (eg: web@[-REMOVE-]
  2. Images – Simply turn your email address into an image and include it on your site, be warned however, some spam bots use OCR, but not very often as it uses lots of resources.
  3. Forms – One of the best methods, because your email address is never visible, however forms can be spammed.

For those with some PHP skills here’s a simple script I made, you can use to render your email addresses, as per option 2:



//check for string
if (!$string) { die(); }

//ensure no caching by browser - START
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); //A Date in the past
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
header("Cache-Control: no-store, no-cache, must-revalidate"); // no cache for HTTP/1.1
header("Cache-Control: post-check=0, pre-check=0", false); // no cache for HTTP/1.1
header("Pragma: no-cache"); // no cache for HTTP/1.0
//ensure no caching by browser - END

//output the image
header('Content-type: image/gif'); // tell the browser that this is an image

//Create the image
$font  = 3;
$width  = ImageFontWidth($font)* strlen($string);
$height = ImageFontHeight($font);
$im = ImageCreate($width,$height);

$x=imagesx($im)-$width ;
$background_color = imagecolorallocate ($im, 242, 242, 242); //white background
$text_color = imagecolorallocate ($im, 0, 0,0);//black text
$trans_color = $background_color;//transparent colour
imagecolortransparent($im, $trans_color);
imagestring ($im, $font, $x, $y,  $string, $text_color);



Update: I recently also write some javascript that is not easily detectable by the spam bots…

<script language=”JavaScript” type=”text/javascript”>
var who = ‘info’;
var at = ‘@’;
if((prefix==’http://www.’) || (prefix==’www.’)) {
else {
if (prefix2==’http://’) {
else{ domain=URL.substring(0,URL.indexOf(‘/’)); }
document.write(who + at + domain);

It pulls the domain name automatically, ideal for many simple sites.

There are plenty of other techniques, csarven has a very nice article detailing these, called hiding email addresses.

Related posts:

  1. What is a valid email address? With the on-going abuse to email based systems, we are...
  2. Fax to email Fax to email is perhaps one of the most interesting,...
  3. Start your own free email service I have been interested in starting my own free email...
  4. .cn domain scam Today I received the following email from [email protected]… [Note: If...
  5. Free icon sets for your website If you don’t have the time to make your own...

1 Comment »

  1. Kawika said,

    November 17, 2009 @ 5:23 am

    Hey., thanks so much for the post! I really like the email-to-image script! I might have to use it on my website.

RSS feed for comments on this post · TrackBack URL

Leave a Comment