Using a contact form that sends you an email server-side is a good one, that way they never have your email (unless you respond).<p>I also had a static website at one point where I didn't want to add server-side processing for a contact form so I stored the email address obfuscated in javascript like:<p><pre><code> ["m","o","c",".","l","i","a","m","e","@","e","m"].reverse().join('')
</code></pre>
and injected it into the page. It seems that most scraper bots don't execute javascript and with it split into an array they likely won't find it by scraping the js files either.
Assuming this is your personal website, a form with a captcha should suffice. Ensure the form limits the input to printable text and limit how often the form may be used by IP and globally. Captcha doesn't need to be a third party. It can be a simple math problem or a simple logic question or even "What is in the picture below?" and have a picture of a horse. Why a form? So people don't get your real email address and you have the option to only view the messages on your website at your leisure. Legit users will leak their contacts when they get malware on their system.
I am assuming you want to deter bots from scrapping your website to get your email address and spam you.<p>I suggest using something like “you can reach me at filipo [at] this domain name.”
I will do following<p><pre><code> mailid<img src='at.png' alt="@"/>mydomain.com
</code></pre>
then just skip creating at.png
Is this still an issue in 2021?<p>10-15 years ago I used to use all sorts of methods to prevent email addresses from being scraped, and I had 100s of spam emails a day to content with.<p>Nowadays I get maybe 2-3 spam emails a day and they're never to the 'info' or 'support' emails that I occasionally post on websites.<p>I don't think that this is a problem that needs fixing or requires any drastic preventative measures any more.