The issue with your request is specifically the "Supporting screen-readers", as by definition screen readers are a "bot" of some sort. If a screen-reader needs to be able to interpret the email address, then a page-crawler would be able to interpret it as well.

您请求的问题特别是“支持屏幕阅读器”，因为根据定义，屏幕阅读器是某种“机器人”。如果屏幕阅读器需要能够解释电子邮件地址，那么页面爬虫也能够解释它。

Also, the point of the mailtoattribute is to be the standard of how to do email addresses on the web. Asking if there is a second way to do that is sort of asking if there is a second standard.

此外，该mailto属性的重点是成为如何在网络上处理电子邮件地址的标准。询问是否有第二种方法可以做到这一点，就像在询问是否有第二个标准。

Doing it through scripts will still have the same issue as once the page is loaded, the script would have been run and the email address rendered in the DOM (unless you populate the email address on clickor something). Either way, screen readers will still have issues with this since it's not already loaded.

通过脚本执行它仍然会遇到与页面加载后相同的问题，脚本将已运行并且电子邮件地址在 DOM 中呈现（除非您填充电子邮件地址on click或其他内容）。无论哪种方式，屏幕阅读器仍然会遇到此问题，因为它尚未加载。

Honestly, just get an email service with a half decent spam filter and specify a default subject line that is easy for you to sort in your inbox.

老实说，只需获得一个带有一半不错的垃圾邮件过滤器的电子邮件服务，并指定一个默认主题行，以便您在收件箱中进行排序。

<a href="mailto:[email protected]?subject=Something to filter on">Email me</a>

What you're asking for is if the standard has two ways to do something, one for bots and the other for non-bots. The answer is it doesn't, and you have to just fight the bots as best you can.

您要问的是标准是否有两种方式来做某事，一种用于机器人，另一种用于非机器人。答案是不会，您必须尽最大努力与机器人战斗。

Defeating email bots is a tough one. You may want to check out the Email Address Harvesting countermeasures sectionon Wikipedia.

打败电子邮件机器人是一项艰巨的任务。您可能需要查看维基百科上的电子邮件地址收集对策部分。

My back-story is that I've written a search bot. It crawled 105,000+ URLs during it's initial run many years ago. From what I've learned from doing that is that web crawling bots literally see EVERYTHINGthat is text, which appears on a web page. Bots read everything except images.

我的背景故事是我写了一个搜索机器人。它在多年前首次运行期间抓取了 105,000 多个 URL。从我做那学到的是，网页抓取机器人从字面上看一切是文本，出现在网页上。机器人读取除图像之外的所有内容。

Spam can't be easily stopped via code for these reasons:

由于以下原因，无法通过代码轻松阻止垃圾邮件：

1. CSS & JS are irrelevant when using the mailto: tag. Bots specifically look at HTML pages for that "mailto:" keyword. Everything from that colon to the next single quote or double quote (whichever comes first) is seen as an email address. HTML entity email addresses - like the example above - can be quickly translated using a reverse ASCII method/function. Running the JavaScript code snippet above, quickly turns the string which starts with: your... into... "[email protected]". (My search bot threw away hrefs with mailto:email addresses, as I wanted URLs for web pages & not email addresses.)

2. If a page crashes a bot, the bot author will tune the bot to fix the crash with that page in mind, so that the bot won't crash at that page again in the future. Thus making their bot smarter.

3. Bot authors can write bots, which generate all known variations of email addresses... without crawling pages & never using any starter email addresses. While it may not be feasible to do that, it's not inconceivable with today's high-core count CPUs (which are hyper-threaded & run at 4+ GHz), plus the availability of using distributed cloud-based computing & even super computers. It's conceivable that someone can now create a bot-farm to spam everyone, without knowing anyone's email address. 20 years ago, that would have been incomprehensible.

4. Free email providers have had a history of selling their free user accounts to their advertisers. In the past, simply signing up for a free email account automatically guaranteed them a green light to start delivering spam to that email address... without ever using that email address online. I've seen that happen multiple times, with famous company names. (I won't mention any names.)

5. The mailto: keyword is part of this IETF RFC, where browsers are built to automatically launch the default email clients, from links with that keyword in them. JavaScript has to be used to interrupt that application launching process, when it happens.

1. 使用 mailto: 标签时，CSS 和 JS 无关紧要。机器人专门针对“mailto:”关键字查看 HTML 页面。从冒号到下一个单引号或双引号（以先到者为准）的所有内容都被视为电子邮件地址。HTML 实体电子邮件地址 - 就像上面的例子 - 可以使用反向 ASCII 方法/函数快速转换。运行上面的 JavaScript 代码片段，快速将以以下开头的字符串：your... 转换为...“[email protected]”。（我的搜索机器人丢弃了带有 mailto:email 地址的 href，因为我想要网页的 URL 而不是电子邮件地址。）

2. 如果页面使机器人崩溃，机器人作者将调整机器人以在记住该页面的情况下修复崩溃，以便机器人将来不会再次在该页面崩溃。从而使他们的机器人更智能。

3. 机器人作者可以编写机器人，生成所有已知的电子邮件地址变体……无需抓取页面，也从不使用任何初始电子邮件地址。虽然这样做可能不可行，但对于当今的高核 CPU（超线程并以 4+ GHz 运行），以及使用分布式基于云的计算甚至超级计算机的可用性，这并非不可想象。可以想象，现在有人可以创建一个机器人农场来向所有人发送垃圾邮件，而无需知道任何人的电子邮件地址。20年前，这是不可理解的。

4. 免费电子邮件提供商有向广告商出售免费用户帐户的历史。过去，只需注册一个免费电子邮件帐户即可自动保证他们为开始向该电子邮件地址发送垃圾邮件开了绿灯……而无需在线使用该电子邮件地址。我已经多次看到这种情况发生，有著名的公司名称。（我不会提到任何名字。）

5. mailto: 关键字是此IETF RFC 的一部分，其中构建了浏览器以从其中包含该关键字的链接自动启动默认电子邮件客户端。当应用程序启动过程发生时，必须使用 JavaScript 来中断它。

I don't think it's possible to stop 100% of spam while using traditional email servers, without using filters on the email server and possibly using images.

我认为在使用传统电子邮件服务器时不可能 100% 阻止垃圾邮件，而不在电子邮件服务器上使用过滤器，也可能使用图像。

There is one alternative... You can also build a chat-like email client, which runs internally on a website. It would be like Facebook's chat client. It's "kind of like email", but not really email. It's simply 1-to-1 instant messaging with an archiving feature... that auto-loads upon login. Since it has document attachment + link features, it works kind of like email... but without the spam. As long as you don't build an externally accessible API, then it's a closed system where people can't send spam into it.

还有一种选择……您还可以构建一个类似聊天的电子邮件客户端，它在网站内部运行。这就像 Facebook 的聊天客户端。它“有点像电子邮件”，但不是真正的电子邮件。它只是具有存档功能的一对一即时消息传递……登录时自动加载。由于它具有文档附件 + 链接功能，它的工作方式有点像电子邮件……但没有垃圾邮件。只要您不构建外部可访问的 API，那么它就是一个封闭系统，人们无法向其中发送垃圾邮件。

If you're planning to stick with strictly traditional email, then your best bet may be to run something like Apache's SpamAssassinon a company's email server.

如果您打算坚持使用严格的传统电子邮件，那么最好的办法可能是在公司的电子邮件服务器上运行 Apache 的SpamAssassin之类的程序。

You can also try combining multiple strategies as you've listed above, to make it harder for email harvesters to glean email addresses from your web pages. They won't stop 100% of the spam, 100% of the time... while also allowing 100% of the screen readers to work for blind visitors.

您还可以尝试结合上面列出的多种策略，使电子邮件收集器更难从您的网页中收集电子邮件地址。他们不会在 100% 的时间内阻止 100% 的垃圾邮件……同时还允许 100% 的屏幕阅读器为盲人访问者工作。

You've created a really good starting look at what's wrong with traditional email! Kudos to you for that!

您已经很好地开始了解传统电子邮件的问题所在！为你点赞！

A good screen reader is JAWSfrom Freedom Scientific. I've used that before to listen to how my webpages are read by blind users. (If you hear a male voice reading both actions [like clicking on a link] & text, try changing 1 voice to female so that 1 voice reads actions & another reads text. That makes it easier to hear how the web page is read for the visually impared.)

一个好的屏幕阅读器是来自Freedom Scientific 的JAWS。我以前用它来听盲人用户如何阅读我的网页。（如果您听到男性的声音同时阅读操作 [例如单击链接] 和文本，请尝试将 1 个语音更改为女性，以便 1 个语音读取操作，另一个语音读取文本。这样可以更容易地了解网页的阅读方式视力障碍者。）

Good luck with your Email Address Harvesting countermeasureendeavours!

祝您的电子邮件地址收集对策努力好运！

Here is an approach that does make use of JavaScript, but with a rather small foot-print. It's also very "ghetto", and generally I would not recommend an approach with inline JS in the HTML except you have an extreme reluctance to use JS, at all.

这是一种确实使用 JavaScript 的方法，但占用空间很小。它也是非常“贫民窟”，通常我不会推荐在 HTML 中使用内联 JS 的方法，除非您非常不愿意使用 JS。

<a
  href="#"
  data-contact="bGUtZW1haWxAdGhlLWRvbWFpbi5jb20="
  data-subj="QW4gQW1hemluZyBTdWJqZWN0"
  onfocus="this.href = 'mailto:' + atob(this.dataset.contact) + '?subject=' + atob(this.dataset.subj || '')"
  >
  Send an email
</a>

data-contactis the base64 encoded email address. And, data-subjis an optional base64 encoded subject.

data-contact是 base64 编码的电子邮件地址。并且，data-subj是一个可选的 base64 编码主题。

The main challenge with doing this without JS is that CSS can't alter HTML attributes. (The articleyou linked is a "pie-in-the-sky" musing and does not have any bearing on what is possible today or in the near future.)

在没有 JS 的情况下这样做的主要挑战是 CSS 不能改变 HTML 属性。（您链接的文章是“天上掉馅饼”的沉思，与今天或不久的将来可能发生的事情没有任何关系。）

The HTML entities approach you mentioned, or some variation of it, is likely the simplest option that will have some efficacy. Additionally, the iframeapproachis clever and the server redirect approachis pretty awesome. But, all three are vulnerable to bots:

您提到的 HTML 实体方法，或它的一些变体，可能是最简单的具有一定功效的选项。此外，该iframe方法很聪明，服务器重定向方法非常棒。但是，这三者都容易受到机器人的攻击：

• The HTML entities just need to be converted(and detecting that is simple)
• The document referenced by the iframe might simply be followed
• The server redirect might simply be followed, as well

• HTML 实体只需要转换（并且检测很简单）
• iframe 引用的文档可能会被简单地跟随
• 也可以简单地遵循服务器重定向

With the approach outlined above, the use of a base64 encoded email address in a data-contactattribute is very "one-off" – as long as the scrapper is not specifically designed for your site, it should work.

使用上面概述的方法，在data-contact属性中使用 base64 编码的电子邮件地址是非常“一次性的”——只要刮板不是专门为您的站点设计的，它应该可以工作。

Simple + Lot of @ + Editable without tools

简单 + 大量 @ + 无需工具即可编辑

<a href="mailto:user@domain@@com"
   onmouseover="this.href=this.href.replace('@@','.')">
   Send email
</a>

Have you considered using google's recaptcha mailhide? https://www.google.com/recaptcha/admin#mailhide

你有没有考虑过使用谷歌的recaptcha mailhide？ https://www.google.com/recaptcha/admin#mailhide

The idea is that when a user clicks the checkbox (see nocaptcha below), the full e-mail address is displayed.

这个想法是，当用户单击复选框（参见下面的 nocaptcha）时，将显示完整的电子邮件地址。

While recaptcha is traditionally not only hard for screen readers but also humans as well, with the roleout of google's nocaptcha recaptcha which you can read about hereas they relate to accessibility tests. It appears to show promise with regards to screen readers as it renders as a traditional checkbox from their view.

虽然传统上 recaptcha 不仅对屏幕阅读器而且对人类来说也很困难，但随着 google 的 nocaptcha recaptcha 的作用，您可以在此处阅读， 因为它们与可访问性测试有关。它似乎显示了对屏幕阅读器的承诺，因为从他们的角度来看，它呈现为传统的复选框。

Example #1 - Not secure but for easy illustration of the idea

示例 #1 - 不安全，但为了便于说明这个想法

Here is some code as an example without using mailhide but implementing something using recaptcha yourself: https://jsfiddle.net/43fad8pf/36/

这里有一些代码作为示例，不使用 mailhide，而是自己使用 recaptcha 实现一些东西：https://jsfiddle.net/43fad8pf/36/

<div class="container">
    <div id="recaptcha"></div>
</div>
<div id="email">
    Verify captcha to get e-mail
</div>

function createRecaptcha() {
    grecaptcha.render("recaptcha", {sitekey: "6LcgSAMTAAAAACc2C7rc6HB9ZmEX4SyB0bbAJvTG", theme: "light", callback: showEmail});
}
 createRecaptcha();

function showEmail() {
    // ideally you would do server side verification of the captcha and then the server would return the e-mail
  document.getElementById("email").innerHTML = "[email protected]";
}

Note: In my example I have the e-mail in a javascript function. Ideally you would have the recaptcha validated on the server end, and return the e-mail, otherwise the bot can simply get it in the code.

注意：在我的示例中，我在 javascript 函数中有电子邮件。理想情况下，您应该在服务器端验证 recaptcha，然后返回电子邮件，否则机器人可以简单地在代码中获取它。

Example #2 - Server side validation and returning of e-mail

示例 #2 - 服务器端验证和电子邮件的返回

If we use an example more like this, we get additional security: https://designracy.com/recaptcha-using-ajax-php-and-jquery/

如果我们使用更像这样的示例，我们将获得额外的安全性：https: //designracy.com/recaptcha-using-ajax-php-and-jquery/

function showEmail() {
    /* Check if the captcha is complete */
    if ($("#g-recaptcha-response").val()) {
        $.ajax({
            type: ‘POST',
            url: "verify.php", // The file we're making the request to
            dataType: ‘html',
            async: true,
            data: {
                captchaResponse: $("#g-recaptcha-response").val() // The generated response from the widget sent as a POST parameter
        },
        success: function (data) {
            alert("everything looks ok. Here is where we would take 'data' which contains the e-mail and put it somewhere in the document");
        },
        error: function (XMLHttpRequest, textStatus, errorThrown) {
            alert("You're a bot");
        }
    });
} else {
    alert("Please fill the captcha!");
}
});

Where verify.php is:

verify.php 在哪里：

$captcha = filter_input(INPUT_POST, ‘captchaResponse'); // get the captchaResponse parameter sent from our ajax

/* Check if captcha is filled */
if (!$captcha) {
    http_response_code(401); // Return error code if there is no captcha
}
$response =     file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=YOUR-SECRET-KEY-HERE&response=" . $captcha);
if ($response . success == false) {
echo ‘SPAM';
http_response_code(401); // It's SPAM! RETURN SOME KIND OF ERROR
} else {
// Everything is ok, should output this in json or something better, but this is an example
    echo '[email protected]'; 
}

People who write scrapers want to make their scrapers as efficient as possible. Therefore, they won't download styles, scripts, and other external resources. There's no method that I know of to set a mailtolink using CSS. In addition, you specifically said you didn't want to set the link using Javascript.

编写刮板的人希望使他们的刮板尽可能高效。因此，他们不会下载样式、脚本和其他外部资源。我不知道mailto使用 CSS设置链接的方法。此外，您明确表示不想使用 Javascript 设置链接。

If you think about what other types of resources there are, there's also external documents (i.e. HTML documents using iframes). Almost no scrapers would bother downloading the contents of iframes. Therefore, you can simply do:

如果您考虑一下还有哪些其他类型的资源，那么还有外部文档（即使用 iframe 的 HTML 文档）。几乎没有抓取工具会费心下载 iframe 的内容。因此，您可以简单地执行以下操作：

index.html:

索引.html：

<iframe src="frame.html" style="height: 1em; width: 100%; border: 0;"></iframe>

frame.html:

框架.html：

My email is <a href="mailto:[email protected]" target="_top">[email protected]</a>

To human users, the iframe looks just like normal text. Iframes are inline and transparent by default, so we just need set its border and dimensions. You can't make the size of the iframe match its content's size without using Javascript, so the best we can do is giving it predefined dimensions.

对于人类用户来说，iframe 看起来就像普通文本。iframes 默认是内联和透明的，所以我们只需要设置它的边框和尺寸。如果不使用 Javascript，您就无法使 iframe 的大小与其内容的大小相匹配，因此我们能做的最好的事情就是为其提供预定义的尺寸。

First, I don't think doing anything with CSS will work. All bots (except Google's crawler) simply ignore all styling on websites. Any solution has to work with JS or server-side.

首先，我认为用 CSS 做任何事情都行不通。所有机器人（除了 Google 的爬虫）都会忽略网站上的所有样式。任何解决方案都必须与 JS 或服务器端一起使用。

A server-side solution could be making an <a>that links to a new tab, which simply redirects to the desired mailto:

服务器端解决方案可以创建一个<a>指向新选项卡的链接，该选项卡只是重定向到所需的mailto：

That's all my ideas for now. Hope it helps.

这就是我目前的全部想法。希望能帮助到你。

Short answer to fulfill all your requirements is that it's impossible

满足您所有要求的简短回答是，这是不可能的

Some of the script-based options answered here may work for certain bots, but you wanted no-script, so, no, you can't.

此处回答的一些基于脚本的选项可能适用于某些机器人，但您不想要脚本，因此，不，您不能。

The one method I found effective is using it with css like below:

我发现有效的一种方法是将它与 css 一起使用，如下所示：

<a href="mailto:[email protected]">myemail@<span style="display:none;">ignore-</span>domain.com

<a href="mailto:[email protected]">myemail@<span style="display:none;">ignore-</span>domain.com

and then write a javascript to remove the ignoreme-word from the href="mailto:..."attribute with regex. This will hide email from bot as it will append ignore-word before real domain and this will work on screen reader and when user clicks on the link custom js function will remove the ignore-word from hrefattribute so it will open the real email.

然后编写一个 javascript 以使用正则表达式ignoreme-从href="mailto:..."属性中删除该单词。这将隐藏机器人的电子邮件，因为它将ignore-在真实域之前附加单词，这将在屏幕阅读器上工作，当用户单击链接时，自定义 js 函数ignore-将从href属性中删除单词，以便打开真实的电子邮件。

This method has been working very effectively for me till date. you can read more on this - http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/

迄今为止，这种方法对我来说非常有效。你可以阅读更多关于这个 - http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/