Don't Have Email Addresses On Your Website.


One of the most annoying things about email is the amount of spam you get. Spam is the unsolicited messages that are trying to sell you something, trick you into sharing your password or some other scam.

If you are running your own email server, you absolutely need to have some sort of spam protection software. If you are using a service like gmail then spam protection is probably built in and you may not be seeing much of a problem. The point of this post is not to get into the nitty-gritty of spam protection, it’s just to point out that one of the main ways a spammer will get hold of your email addresse is by you putting them on your website.

Email Harvesting

When I am reviewing a clients website, exposed email addresses are one of those things that goes straight onto my “fix this” list. An exposed email address is where you have the address visible on your website often as a link that opens a blank email.

There are a lot of non-human visitors to your website that you may not be aware of. Some of these robots are crawling through the internet 24/7 just looking for exposed email addresses and adding them to lists.  Pretty soon you are getting a flood of unsolicited messages because these lists are usually sold to multiple spammers. 

So what do I need to do?

The obvious thing is not have any email addresses on your public website.  Instead, use an online form which doesn't have an address visible in the HTML code. (Technical Note: It is possible to have an online form that still gives away the email address even though you can't see it on the page). This makes it impossible for the robots to add your email address to any lists.

But....there is another breed of robot that finds online forms and and fill them out automatically.   This means you still get the spam but now it's coming via the website form rather than direct to your email. The fix for this is to add a mandatory question to your online form that a robot can't fill out automatically. You are probably familiar with these already. There are the image based questions that typically ask you to enter some text shown in an image. It is really had for robots to do this.

The Case Against Online Forms 

I know some clients that publish email addresses despite the risks.  They believe their customers are put off having to fill out online forms and are much more likely to use email. This may be true if the online form has too many fields or asking for information the customer does not want to share right now. (This is a topic for another blog post!) However these addresses are typically generic like "enquiries@" or "info@" that are only used for this purpose.

If you are concerned about your website having exposed email addresses, feel free to contact us using our online form: