First: Certainly such bots are scanning for href tags, but also form
action tags and hidden fields. Not quite sure what you mean by "behind
the forms," though. It's not really possible for a bot to see what the
server is doing with the processed form--not unless your server's been
hacked, of course!

I generally use throw-away e-mails. (For instance, I created my
current address--funny_leech--a couple days ago, and will use it a
month or so.) This is especially useful for forms, ie, when you don't
expect the user to put the e-mail in an address book to use later.
Best would be to not expose any such information on the website; merely
forward forms to a page that processes the request, with the actual
processing taking place in the background.

Another trick is to convert e-mail addresses to unicode, which is
properly rendered in all browsers, and which dumb bots won't catch.
(Though any commercial bot would see through such a trick.) That
means, that instead of :
<a href="mailto:me@example.com">Send us a letter</a>
you would have
<a
href="mailto:me@example.com">
us a letter</a>

Walter Gildersleeve
Freiburg, Germany

__________________________________________________ ____
http://linkfrog.net
URL Shortening
Free and easy, small and green.