Email addresses in public constituent directories are vulnerable to harvesting by spam bots. This article covers three protective strategies: placing the directory behind a password-protected portal, displaying email addresses as icons instead of text, and using secondary forwarding email addresses.
💡Quick answers
- What is the most effective way to protect directory emails from spammers? Place the email directory behind a password-protected portal so only authenticated users can see it.
- How do you display email addresses as icons instead of text? In the Constituent element settings under Constituent Details or Pop-Up Details, find the Email(s) option and select "Display email address as icon."
- Does displaying emails as icons fully prevent harvesting? No; clicking the icon still exposes the address in the email window's To field, and some bots can find mailto links in page source. It acts as a deterrent, not a complete block.
- What is the forwarding email address strategy? Set up a secondary address (e.g., headofschool@yourschool.edu) that forwards to the staff member's real inbox; display only the secondary address publicly so you can filter what gets forwarded.
Mask email addresses on your Finalsite website from spam bots and email harvesters, including three preventative strategies: placing your email directory behind a password-protected portal, displaying email addresses as text, icons, or contact forms, and setting up secondary forwarding addresses for public-facing pages.
In this article
- Create a password-protected portal
- Display email address as text, icon, or contact form
- Set up secondary email addresses
In the same way that Google and other search engines crawl your web pages with bots that make your content searchable, spammers have bots that crawl your site looking for email addresses to take advantage of. In this article, we will show you some preventative alternatives.
Create a password-protected portal
The best way to help prevent this from happening to your constituents' emails is to make sure your email directory is situated behind a password-protected portal.
Display email address as text, icon, or contact form
Another way to make it harder for email harvesters to find email addresses is to display email addresses in a more hidden way rather than putting the full address directly on the page.
In the Composer Constituent Element, whether in the Constituent Details or Pop-Up Details section of the element settings, there is an option alongside the email display option to Display email address as Text, Icon, or Contact Form.Â
Display email address as a Contact FormÂ
For a deeper dive into the process for displaying email addresses as Contact Forms, check out the article, "Protect email addresses in your directory with a contact form."
Important Note
This does not permanently mask an email address. If someone clicks on the icon to bring up the email window, the address is available in the "To" field, where it can still be copied. Other types of email harvesters search the page source and can find "mailto" links as well as text addresses. This is, however, an extra step that acts as a deterrent by making it more difficult for bots to obtain the email addresses in bulk.
Set up secondary email addresses
An alternative that might fool more sophisticated email harvesters would be to set up secondary email addresses to use for emails coming from web pages. For example, if the head of school’s email address needs to be displayed on a public page, use headofschool@yourschool.edu and set it to forward to jsmith@yourschool.edu. Because it is a separate inbox, you can set up rules so that it only forwards legitimate-looking messages. For other extreme techniques to prevent email harvesting, explore those proposed by Smashing Magazine.
Comments
Please Sign in to leave a comment if you don't see the comment box below.