StepOne, there are numerous js scripts available to "hide" the email from regular bots, yet make it work if clicked on. I have it in use on my site for that very reason.
Sticky me and I will email it to you.
It may be that there are bots out there now that are able to read it and collect the emails anyway, but i'm not sure on that. And i did read recently about another way of hiding that didn't use js, but i can't recall now where i saw that.

EVO

Try these links
[clariondeveloper.com ]

[willmaster.com ]

This used to be a problem for me until I made up the following script which seems to do the job:

<script language=javascript>
<!--
function mref(mine) {
temp = "name@" +
"domain.com?" +
"subject=My%20Inquiry";
temp = "mailto:" + temp;
mine.href=temp;
}
// -->
</script>

It is used as follows:

<a name="posse" href="#" onmousedown="mref(this)">
anchor link text or image goes here
</a>

This forum helped my work out a few bugs so that it is supported by multiple browsers but it seems to work now. Breaking the email address up into several lines (i.e., breaking up
name@domain.com?subject=My Inquiry) also seems to help as it makes detecting and deecoding an email address more difficult.

Unfortunately there are work arounds. In particular if you activate the link then the email address gets placed in the anchor value and can be read but that is a multistep process and requires some specific knowledge on the part of the would be spammer. This is just a hardcoded example. If you have multiple addresses and links then you will have to expand the mref function and its use. In any case it is fairly simple, loads quickly and seems to work (for now).

Hope this information is useful!

We typically database large staff directories and assign a variable to each email address. joesmith@example.com might be ID=7 in the database, for example.

On the site, the email link says "Contact this individual" or something like that, and the URL goes to a contact form, which might be linked like this:

example.com/contact.src?ID=7

At that point the form knows to send this inquiry to the email address associated with ID=7 in the database. That happens in the form processing, and the public user (nor the spambot) never sees an email address, nor can they find it in the source code.

The old Hiveware Email Address Enkoder, which is now known as the Enkoder Form, has a very good javascript based encoder you can use for free. I've used this on some pretty heavily trolled sites, and the results have been impressive. Only the hand spammers can get through now....then I change the address.

Many thanks to everyone who took the time to reply, you were all very helpful.

I wonder though, am I bolting the stable door after the horse has bolted?

I wonder though, am I bolting the stable door after the horse has bolted?

I think the best answer to that is both yes and no.

My brother once had an e-mail address on the web site for his band, and spam was constantly sent to it. (The address was not given out anywhere else.) After he replaced the e-mail address with an image, he stopped receiving spam within about two months.

am I bolting the stable door after the horse has bolted?

If the addresses have been scanned and people are are already getting spam because of it...then, yes. All those addresses are already in a collection of "1,000,000 pre-approved addresses" and on sale to the beginner spammer for $9.95. Now it is time for you to implement some good Bayesian filters on your machines. Once a set of addresses makes it into rotation there's little you can do to stop it unfortunately.

I concur 100% with Bill, that once the spammers get your address they resell among their slimebag communities. Your only sensible option is to alter the spelling of the account names slightly, hiding them either inside external, obfuscated .js files, or, better yet, as aliases inside an NMS Formmail script, which cannot be read by the world (711). I use both methods now, but am slowly moving to a form (NMS) only contact method. A determined spammer can click on my obfuscated link, then copy my email address from his email client when it opens with it embedded in the To line. Some of them are using website downloaders to gather all of your html and script pages together, then hand linking to find your concealed addresses. Then, they compile these hand scraped addresses into big lists and send them to a master database, for a pittance. Many are in Brazil, which I now block entirely in my .htaccess files. Beware the exact U-A "Mozilla 3.0 (compatible)" coming from anywhere in the world.

If you can control the email server behavior, you can send all email directed to the trashed accounts to the :blackhole account, if you have one, thus saving a bunch of new spam filter rules. That's what I do.

Wiz

Oops, I typed that bad User Agent wrong! It should read: "Mozilla/3.0 (compatible)" It is some kind of hostile downloader program used by email harvesters. It should be blocked in .htaccess, if possible.

Wiz