How does the email address get captured by spammers?

Simple! As you know, there are "spiders" or "robots" that search the internet looking for web pages to scan and add into the databases for the search engines on the web. This scanning does not present a problem. However, the same technology has been adapted by spammers to create tools that search out web pages and look for mailto: URL's, or possibly even just the presence of what looks like a mailing address, i.e. name@domain.com.

Unfortunately, once your address is captured, there is virtually NO WAY to have it removed from the mailing lists that the spammers use. Unless you change your email address, you will probably get spam forever...

Why does this solution avoid the above problem?

This gets into some of the technical details of how web browsers and these spiders and robots work, but I will try to start with a simpler overview.

The replacement text that this tool generates is written in JavaScript, and requires that the program that reads it to be JavaScript enabled. In a nutshell, only the web browsers are JavaScript enabled, and the email spiders and robots are not. Thus, the text of the email address will only appear on the web page when viewed with a web browser.

My analysis has shown that over 98% of the "hits" on the insulators page are from JavaScript enabled web browsers. Some of the remaining 2% are from spiders and robots which are not JavaScript enabled, so this method is very effective.

How exactly does this work?

The solution is very straight forward. It uses constructs in JavaScript to dynamically insert HTML code for the mailto: URL link into your page. When this segment of JavaScript is executed by a web browser, it uses the document.write method to create the mailto: URL link from the parameters of the function call. If you look at the raw script code, there is nothing that looks like an email address nor a mailto: link.

Is this "bullet proof?"

I have used this for a number of years for email addresses, and non of them had gotten spammed. I tried a test using your typical mailto: link, and the address I gave got spammed within a month!! I'll never say this is effective 100.000% if the time, but I think it is getting pretty close.  If you have a better solution, or see a problem with this, PLEASE point it out to me!

Send me email, at


Last updated Friday, February 12, 2010

UpReturn to the Webmaster tips page