How To Stop Spambots Harvesting Your Email Address

It’s an unfortunate thing, but the internet certainly has its share of unscrupulous people. In my opinion, the worst amongst these are those that deploy software robots to roam the web and harvest email addresses from web pages. These addresses are then collated into huge databases and sold for the purpose of spam.

Now we all hate spam and anything that can be done to reduce it is very worthwhile.
This is not rocket science and a basic knowledge of html and how to cut and paste will see you protected from the spambots. All we are going to use is a bit of javascript.

First, open Notepad or any text editor and then copy and paste the following into the file.

/* This script provides for a straightforward email address in a web page.

In your web page add the following:

<script type=”text/javascript”>blocker(“insert first part of email address”)</script> */
function blocker(name)
var domain =””;
document.write(‘<a href=”mailto:’ + name + ‘@’ + domain + ‘”>’ + name + ‘@’ + domain + ‘</a>’);

/* This script adds a subject field to the email.

function blockersubject(name,subject)
var domain =””;
document.write(‘<a href=”mailto:’ + name + ‘@’ + domain + ‘?subject=’ + subject + ‘”>’ + name + ‘@’ + domain + ‘</a>’);


This script is for using as an “Email Us” or like in a menu system or on a page.
Insert the following in your web page:

<script type=”text/javascript”>blocker2(‘First Part of Email’,’The text you want to appear on the web page’);</script>

function blocker2(name,text)
var domain =””;
document.write(‘<a href=”mailto:’ + name + ‘@’ + domain + ‘”>’ + text + ‘</a>’);


This script allows the adding of a subject, but also displayable text for a menu system. In your web page place the following:

<script type=”text/javascript”>blockersubject2(‘first part of email address’,’The Subject in the email’,’The text to appear in the email’);</script>*/

function blockersubject2(name,subject,text)
var domain =””;
document.write(‘<a href=”mailto:’ + name + ‘@’ + domain + ‘?subject=’ + subject + ‘”>’ + text + ‘</a>’);

//End of file.

Save the file as blocker.js in your document folders because this script can be reused over and over for as many different web pages as you like. You only need to change the variables in the script.

To get the scripts to work, there are a couple of things you need to do. I usually create a sub-directory for my javascript and actually call it that.

Any javascript for the web page can be stored there. Save a copy of the file blocker.js to this directory and then edit all the variables to suit your site.

Now you need to allow the scripts to be called and the web page needs to know where they are.

The easiest way to achieve this is to have the information in the <head> section of your document. Before the closing </head> tag, and assuming you have saved the file to a javascript sub-directory, insert the following line of code:

(Insert less than sign)script type=”text/javascript” src=”javascript/common.js”>(insert less than sign)/script>

You will just have to make sure that the path to the javascript sub-directory is correct for the document. This is simple if you use Dreamweaver as you can modify the template for your site and it will update all the pages. If you are using php includes, you will need to make sure that the path is correct from your header template through to the javascript directory. A little playing will usually get this sorted out for you.

One final thing that you should be aware of and that is that not everyone has javascript turned on. If a visitor hits your page and has javascript turned off then they won’t be able to see your email addresses at all. To resolve this, enter the following code just below the area where the email address is supposed to appear.

(Insert less than sign)noscript><p>If you are seeing this, then Javascipt is not turned on in your browser and you won’t be able to see our email addresses. They are hidden by Javascript. You can either turn your Javascript on or alternately email us at youraddress at domainname dot com</p>(insert less than sign)/noscript>

Make sure you do not use the @ sign or put the dot in or even type the full email address properly. You will destroy all the good work you’ve done.

And there you have it. A simple piece of javascript that will prevent your email address being harvested by the nasty little bots that roam the web.