New Internationalist

Obfuscating email addresses

I guess this probably gets me the prize for being first to blog on New Internationalist’s new tech blog. And its a post about making life difficult for spammers. Yay!

I was just doing some work on the Clean Start pages, part of which was to add a mailto: link. Spammers are always scraping pages for mailtos, so I had a think about how one might obfuscate an email reasonably effectively. The traditional way is name [at] site [dot] com. Or you could do like riseup and have a button in the way of any email addresses. But a quite cute technique (though not totally unbreakable) is to use html entities to encode your email address. For example, for the Clean Start email, I would do:

<a href=’&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#99;&#108;&#101;&#97;&#110;&#115;&#116;&#97;&#114;&#116;&#64;&#110;&#101;&#119;&#105;&#110;&#116;&#46;&#111;&#114;&#103;’>Clean Start</a>

There’s an online tool which lets us do this. In the future it would be nice to add a filter to our CMS, Bricolage, that did this automatically when it hit a mailto link.

Comments on Obfuscating email addresses

Leave your comment


  • Maximum characters allowed: 5000
  • Simple HTML allowed: bold, italic, and links

Registration is quick and easy. Plus you won’t have to re-type the blurry words to comment!
Register | Login

  1. #1 Phillip Smith 05 Feb 09

    Hi ho,

    I dug up this sub-routine from another Bricolage-related template I had kicking around:

    # obfuscated_mailto_link()
    # How to use:
    # obfuscated_mailto_link('[email protected]', 'Joe Schmoe');
    # returns
    # <a href=’mailto:joe_att_foo_dott_com’ onclick=’$a='[email protected]';this.href='mailto:'+$a+'';’>Joe Schmoe</a>

    sub obfuscated_mailto_link {

    my ($orig_email, $visible_name) = @_;

    my $munge = $orig_email;
    $munge =~ s/\./_dott_/g;
    $munge =~ s/\@/_att_/g;

    my $pos = index $orig_email, '@';

    my $chop1 = substr ($orig_email, 0, $pos+2);
    my $chop2 = substr ($orig_email, $pos+2);
    return <<EOF;

    <a href=’mailto:$munge’
    onClick=’\$a='$chop1';this.href='mailto:$visible_name <'+\$a+'$chop2>';’

    Wonder if we could put that into Typogrify, or a similar utility template, which would check for the presence of mailto links and convert them as described?


Subscribe to Comments for this articleArticle Comment Feed RSS 2.0

Guidelines: Please be respectful of others when posting your reply.

About the author

Charlie Harvey a New Internationalist contributor

Charlie Harvey is the IT Manager here at New Internationalist. He's active in both the activist and tech communities and is a vocal advocate of Free Software. You can read more on his main Charlie Harvey site.

Read more by Charlie Harvey

Get our free fortnightly eNews


Videos from visionOntv’s globalviews channel.

Related articles

Popular tags

All tags

The Tech Blog

This is where New Internationalist Web Team documents the free and open software used to build this website and its services, discusses emerging issues in the technology space, and provide critical analysis, news and commentary on all things IT and web.

The Tech Blog