Encrypt mailto email addresses with inline JavaScript
I would go about something simpler and equally-effective like this:
<a href="javascript:window.location.href = 'mailto:' + ['john','smith.com'].join('@')">john<!---->@<!---->smith.com</a>
mailto:link is obfuscated and unreadable for bots- html comments are used as junk so spam bots won't read the text of the link, while are hidden to a user. There can be any type of junk for example a
<span>withdisplay: none
Here are two external tools mentioned. For both you need to generate your Javascript code first with your email.
JavaScript eMail Encrypter
<!-- Add these lines to <head></head> -->
<script type="text/javascript"> <!--
function UnCryptMailto( s )
{
var n = 0;
var r = "";
for( var i = 0; i < s.length; i++)
{
n = s.charCodeAt( i );
if( n >= 8364 )
{
n = 128;
}
r += String.fromCharCode( n - 1 );
}
return r;
}
function linkTo_UnCryptMailto( s )
{
location.href=UnCryptMailto( s );
}
// --> </script>
<!-- Use above link to generate your crypted email (example): -->
<a href="javascript:linkTo_UnCryptMailto('nbjmup;uftuAuftu/dpn');">test [at] test [dot] com</a>
ANTI-SPAM EMAIL LINK OBFUSCATOR
<script type="text/javascript" language="javascript">
<!--
// Email obfuscator script 2.1 by Tim Williams, University of Arizona
// Random encryption key feature coded by Andrew Moulden
// This code is freeware provided these four comment lines remain intact
// A wizard to generate this code is at http://www.jottings.com/obfuscator/
{ coded = "[email protected]"
key = "594NIGdDgELkcwoAbPQirZaYCn1mWhURt0syV7Ojpqf8H3XMFvlezJTS2ux6KB"
shift=coded.length
link=""
for (i=0; i<coded.length; i++) {
if (key.indexOf(coded.charAt(i))==-1) {
ltr = coded.charAt(i)
link += (ltr)
}
else {
ltr = (key.indexOf(coded.charAt(i))-shift+key.length) % key.length
link += (key.charAt(ltr))
}
}
document.write("<a href='mailto:"+link+"'>Example</a>")
}
//-->
</script><noscript>Sorry, you need Javascript on to email me.</noscript>
This tool was originally conceived and written by Tim Williams of The University of Arizona. The code to randomly generate a different encryption key each time the tool is used was written by Andrew Moulden. Ross Killen of Celtic Productions Ltd has also created a PHP version to enable use of this technique in web applications.
This code is distributed as freeware, provided the authors' credits etc remain exactly as shown.
I just found this page that lists a number of methods that have been tested in a 1.5 year experiment in 2018, e.g.
- use CSS's
direction: rtl - add some "null" spans including a bit more advanced css to hide it
- use some fancy JS to obfuscate the mailto link
Seems like spam bots are getting more advanced.