Bad idea: publishing faculty email addresses?


I’ve been tasked with designing and building my school’s website. One of the items requested was a list of the faculty and their email addresses.

I think this is probably a bad idea: email addresses can be harvested and spammed is the first reason I can think of. Are there others you can give me to present? Or is this actually a good idea?


Hi kleefaj, and welcome to SitePoint! :slight_smile:

Yeah, bad idea to have naked email addresses online. The best thing you can do is use a contact form instead. You could have a dropdown list that chooses which staff member to send the email to.

But if you must post email addresses, there are some methods of providing at least partial protection, like this one:

Obviously, putting naked email addresses on the web is never a good idea, but I wouldn’t go overkill on the idea of hiding them so much if they really want them displayed. Contact forms are definitely the best way to go, and methods like using reCAPTCHA to hide them and using Hivelogic are equally as effective, but you could probably get away with putting them as an image on the page.

It’s not the best solution, but for those who absolutely must have their email address on their page without any weird scripts hiding it it’s probably the best solution.

Honestly, the easiest way is to probably make each an image. They won’t get picked up and spammed.

Famous last words. :smiley: Spam bots cause the most damage, but there are plenty of people going directly to sites to gather email addresses / post spam, so an image is not a guarantee. The only way to guarantee that your email won’t be picked up is to use a form with server side processing. Even then, though, you’ll have plenty of idiots visiting your site to post spam comments.

you can significantly reduce or even eliminate it with a captcha on the form.

Why do you say that? Because spammers are lazy? :lol:

I guess it depends on the source of the spam.

I haven’t received any spam since putting my own captcha on my contact form.

With things like Mechanical Turk and scripts handling human tasks I don’t even think CAPTCHA’s are a guarantee any more. Obviously, they’re far better than images, but sometimes people just want their emails displayed. The last university I attended were adamant that their emails were available on their pages, even though there was a contact form available for them.

One big problem with contact forms is that some people either mistype or simply don’t know their email address. It’s a real pain to get a contact message from a customer that you can’t reply to.

It amazes me how often someone will quote me their email as something like, and I have to ask if they really want the .au on the end, and they say, “O, I’m not sure!” Blimey, peoples…

In case you have to display the addresses themselves, it would be a good idea to discuss the security concerns with the school officials first. On the other hand, it would be better to use a contact form instead.