Protecting Web Page Email Addresses on www From Spambots

Robot programs (spambots) harvest email addresses from Web pages by looking for strings of text that follow a typical email address pattern, e.g. joe.bronco@wmich.edu. Once harvested, these email addresses can be used for sophisticated phishing attempts. If you do not use those strings in your Web pages, you may be able to prevent some of the spam hitting your addresses. The safemail javascript outlined below will use the information you provide to write the email links to your viewed page, but the email address will not be found within your source code. It may be used on WMU Web pages that reside on the wmich.edu Web servers. It is not necessary if your pages have migrated to the CMS as that system is already protected.

  1. Insert the below line of code between the <head> and </head> of your page.

    <script src="/javascript/os/safemail.js" type="text/javascript"></script>

    If on homepages.wmich.edu use: 

    <script src="/%3Ca%20href%3D"http://www.wmich.edu/javascript/os/safemail.js">http://www.wmich.edu/javascript/os/safemail.js" type="text/javascript"></script>
  2. Next, in code view, replace your <a href="/%3Ca%20href%3D"mailto:mailto.first.last@wmich.edu">mailto.first.last@wmich.edu">first.last@wmich.edu</a> text with:
    (replace items shown in red with your specific information)

    <script>safemail("firstname.lastname","wmich.edu","")</script>

Safemail options

To add a subject line to the email address that is written on the fly, use this code instead of the code in step 2 above:

<script>safemail("firstname.lastname","wmich.edu"," subject")</script>

Instead of displaying a linked firstname.lastname@wmich.edu address on the page, a linked First Last (or use any other text you wish to have displayed as a link) will display.

<script>safemail("firstname.lastname","wmich.edu"," ","First Last")</script>