Since Anti-Spam version 5.177, a new feature is available: automatic email address encoding.
Now, all email characters on your public pages are hidden in the source code and protected from crawlers.
Visitors can still decode them with a click.
This helps reduce direct spam to your inbox.
You can enable this in the Data Processing section here:
WordPress Dashboard → Settings → Anti-Spam by Cleantalk → Advanced settings

The plugin will encode all email addresses on your pages.
Original view:

Encoded view:

After clicking the address will be decoded:

That’s exactly how it works. Try it out and keep your email addresses safe from bots.
How to Make Sure Email Encoding Is Working
1. Open your webpage in Guest (Incognito) mode
Go to a public page with an email address. If encoding is active, the email won’t appear in raw HTML — it will be encrypted.
2. Hover over and click the email
A hint will appear: “This contact was encoded by CleanTalk. Click to decode.”
Click to reveal the full address.
Note: if you’re logged in, encoding may not be applied — always test in Incognito mode.
To decrypt it, just click on it. If you hover the mouse pointer over the email, you’ll see the message:
“This contact was encoded by CleanTalk Contacts Encoder. Click to decode.”
This hint helps your website visitors understand how the protection works.
Make sure to test the encryption and decryption in Guest (Incognito) mode, because if you’re logged in, Contacts Encoder may be bypassed.
Encrypted view (Incognito mode) | Decrypted view (or authorized) |
![]() |
![]() |
Since version 5.184 of the Anti-Spam plugin, each email encoding is logged in your Anti-Spam Log with the status “Decoding approved”.

Feel free to ask your questions in the comments below or email us at we*****@*******lk.org 🙂
If you can see the full email address right away, you’re probably not viewing the page in Incognito mode, and Contacts Encoder didn’t activate.
Leave a Reply