So for my responsive site, when in the mobile-scale, I have an "Email Us" button that the user can tap to open up the email client.
Originally this was a simple mailto:, but I've since changed it, but as I wanted to keep the changes to an absolute minimum, I decided upon the following method:
Replace the "mailto:example@email.com
with a link to redirect.php
in my site directory.
All that is in redirect.php
is this:
<?php
header('Location: mailto:example@email.com');
exit();
?>
And it behaves totally fine! That was the only spot where the email address was present in the HTML or JS, so I felt like it would be overkill to do a complete encryption of the email.
So my question is this: Is this enough to effectively keep spam-bots out? If no, what extra steps are necessary?
Obviously you can't 100% stop them from happening, but I figured as the actual address is only on the server-side, that would significantly reduce the risk. Right?