Many big email providers like Google, Microsoft, Yahoo, etc. offers state-of-the-art spam filters, so with these email addresses the email obfuscation is not really necessary. Since I’m not sure whether the spam filter of my host provider is good, I was looking for a good obfuscation method for this blog.

Email obfuscation is the process to mask an email address on a webpage, in order to prevent spam produced by the bots that scan internet websites. Many solutions exist, but most of them are not accessible from the final-user point of view. For example a picture with the email address is a good solution (unless OCR-aware bots) but require the user to write explicitly the address. Displaying the email only after a Recaptcha quiz is even better, from the security point, but (at least from me) is very boring from the user side.

Fortunately many other scripting solutions exist. Generally they use some scrips that rewrite/encode/decode the email address. I’m not an export of this field, but as far I know the Graceful Email Obfuscation (GEO) is one of the best methods. It requires the apache webserver and a bit of php skills, but fortunately a wordpress plugin exists and is also very simple to use!

Just write

[email]mail@example.com[/email]

and the plugin will produce the following email link:

email

pointing exactly at mail@example.com! Since this link is produced dinamically (you will need a Javascript-enabled browser) a bot is not able to detect the email address. By default the text link is the word email, but you can customize it writing:

[email href="mail@example.com"]Send an email![/email]

Now the resulting link is

Send an email!

What happens with a browser without Javascript? GEO needs Javascript, so the website should provide a fallback obfuscation method that not depends on Javascript. The previous plugin handles also this use case. When Javascript is disabled, the produced link is not an email address, but a link to a simple recaptcha-like quiz (a simple sum):

geo1

When the user provides the right answer, the email address is finally showed:

geo2