Should your business email address be public on your website?
A public email address is useful for trust and resilience, but it should not be your primary contact journey or your personal mailbox.
The practical answer
Use a short enquiry form as the main route. It works for visitors who do not have an email application configured, captures useful context, and gives you a clear confirmation that their message was received.
Keep a dedicated public alias, such as a general hello or enquiries address, as a fallback. Do not publish the mailbox you use for administration, banking, domain ownership, or other sensitive services.
What hiding the address does and does not do
A click-to-reveal address reduces simple automated scraping. It does not make the address secret. Once an address is used publicly, assume it will eventually receive unwanted mail and configure it accordingly.
The configuration that matters
- Use a dedicated public alias or shared mailbox rather than a personal account.
- Enable multi-factor authentication and avoid shared passwords.
- Configure SPF, DKIM, and DMARC for your email domain.
- Use the anti-spam and anti-phishing controls available in your email platform.
- Review who receives the mailbox and remove access when roles change.
- Keep important administrator accounts separate from public contact addresses.
Can you explain who receives your public contact email, how the mailbox is protected, and whether your domain is configured to reduce spoofing?