Hide mail addresses from spam bots automatically

As an attempt to get rid of all the ridiculous spam I receive, I wrote some code a while ago which automatically hides email adresses on a web site by replacing them with JavaScript.

How the email hider hides the email address

The “email address hider” is written in c# and is very simple to implement with a basic knowledge of ASP.NET. The code works like this: It goes through all text and looks for email addresses. Whenever it finds an email address, it replaces the email address with JacaScript before the site is sent to the end user (who could be a spam bot). Hence, the browser will not receive the ‘raw’ email address, but will receive some JavaScript which makes the email address more difficult to obtain automatically.

How to use the email hider

1. Download the binaries from  http://www.m-8.dk/downloads/m8.text.zip

2. Create a reference to m8.text.dll which is placed in the downloaded zip file

3. Implement a call to m8.text.ReplaceEmailWithJavascript in your code, e.g.:

String html = @"My mail address id <a href=""mailto:minmail@retkomma.dk"">mymail@retkomma.dk</a>";

Normally email adresses on a website would look like this to spam robots:

<a href="mailto:mail@domain.com">mail@domain.com</a>

But after parsing a page with the email hider utility, the above email code will be replaced by:

This email address is hidden: 

    <script type="text/javascript" language="javascript">

        var a_t = '@';var fn = 'mail'; var ln = 'domain.dk';var lto = 'lto';

        var m_to = ' mai' + lto + ':';

        document.write('<a href="' + m_to + 'mail' + a_t + 'domain.dk' + '">' + fn + a_t + ln + '</a>');



        <p>The email address is hidden. Please activate JacaScript to view the mail address.</p>


The email address could be hidden even better, but this level of “cryptation” have been sufficient to avoid spam wherever I’ve used it.

For the users visiting the web site the mail address will look the same:


About the email hider

The code is written in c# and is contained in one assembly, m8.text.dll. This assembly contains a precompiled regex, which can recognize mail addresses + a business logic that takes care of replacing the recognized mail addresses with javascript. The business logic is coded with the .NET frameworks MatchEvaluator delegate, which is called everytime a mail address is matched. This is the method that actually replaced the found mail address with med javascript.

A couple of issues

* If the user has not activated JacaScript in her browser, she will not see the mail addresses

* Email addresses which the spam bots have allready captured will not become freem of spam from day 1 (or day 2, or day 3, or…)

* The dll is not com visible, so it’s .NET or nothing:-)

* Drop me a comment if you encounter problems or have a change request.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s