Mail Exposure Protection

Many people who publish their email on a website end up with more spam. This page explains why that happens and offers a small generator to show your address in ways that are harder for bots to harvest.

Why so many website owners get spam

If your email appears on your site as plain text or in a normal mailto: link, automated crawlers can harvest it in seconds. Bots scrape the web for addresses and add them to lists that are sold or used for spam. The more visible and machine-readable the address, the more likely it gets collected.

Spam is often sent from compromised but correctly configured mail servers. Those messages pass technical checks (SPF, DKIM, reputation) because they come from legitimate infrastructure—so filters that only look at “is this server allowed to send?” cannot tell they are unwanted. Truly judging content the way a human would would require heavy processing or sending mail content to third parties, which raises privacy and cost issues. As a result, a lot of unwanted mail still gets through, and reducing how easily your address can be harvested is one practical step.

Reduce exposure at the source

You can make it harder for bots to read your email on the page: hide it behind a click or hover, or show it as an image. The generator below creates snippets or an image in your browser; nothing is sent to any server.

Examples

Try the two interactive methods with a demo address (contact@example.com). The address is only revealed when you click or hover.

Click-to-reveal

Click the button to reveal the email and get a mailto link.

Hover-to-reveal

Hover or focus the link to see the address.

Show email

Image (PNG)

The address is drawn as text on a transparent image; bots do not read it from the image.

Email embed generator

Enter your email and choose how it should be displayed. Everything runs in your browser; your address is never sent to a server.

Your email address

Display method

Button or link text (for click/hover)

Hover behaviour

Image options

Font:

Size: px

Text color:

Add anti-bot distraction (harder for OCR, still readable)

How the methods work

Click-to-reveal and hover-to-reveal keep the address out of the initial HTML. It is built from character codes in a small script and only shown when the user clicks or hovers. Crawlers that do not run JavaScript never see it.

Image (PNG) draws your email as text on a transparent background. Choose font, size, and colour, then download the PNG and use it on your site (e.g. in an <img>). Bots typically do not run OCR on every image, so this reduces harvesting. Use a short alt text for accessibility (e.g. “Contact: name at example dot com”) without putting the raw address in the HTML.

Limitations

These methods raise the bar for simple harvesters; they are not unbreakable. For high-risk cases, a contact form that never exposes an address is safer.