{{Short description|URI scheme for linking email addresses}} {{confused|Malito}} {{lowercase}} '''mailto''' is a Uniform Resource Identifier (URI) scheme for email addresses. It is used to produce hyperlinks on websites that allow users to send an email to a specific address directly from an HTML document, without having to copy and enter it into an email client.

It was originally defined by Request for Comments (RFC) 1738 in December 1994,<ref>{{cite web|url=https://tools.ietf.org/html/rfc1738|title=Uniform Resource Locators (URL)|author1-first=T.|author1-last=Berners-Lee|author2-first=Larry|author2-last=Masinter|author3-first=M.|author3-last=McCahill|date=December 1994|accessdate=11 September 2021}}</ref> expanded by <nowiki>RFC</nowiki> 2368 in July 1998,<ref>{{cite web|url=https://tools.ietf.org/html/rfc2368|title=The mailto URL scheme|author1-first=Paul|author1-last=Hoffman|author2-first=Larry|author2-last=Masinter|author3-first=Jamie|author3-last=Zawinski|author3-link=Jamie Zawinski|date=July 1998|accessdate=26 September 2015}}</ref> and refined by <nowiki>RFC</nowiki> 6068 in October 2010.<ref name="rfc6068">{{cite web|url=https://tools.ietf.org/html/rfc6068|title=The 'mailto' URI Scheme|author1-first=Martin|author1-last=Duerst|author2-first=Larry|author2-last=Masinter|author3-first=Jamie|author3-last=Zawinski|author3-link=Jamie Zawinski|date=October 2010|accessdate=26 September 2015}}</ref>

== Syntax == Mailto URIs are composed of the scheme <code>mailto:</code> and zero, one, or more recipient addresses separated with a comma. Additionally, email headers such as <code>cc</code> or <code>subject</code> can be added as attribute-value pairs in the query component of the email.

Percent-encoding must be used for the local-part of the Email addresses and for the header values. The Domain parts of the addresses can also be encoded using percent-encoding but using IDNA-Encoding is recommended for interoperability with legacy software.<ref name="rfc6068" />

== Examples == "mailto" can be used within an HTML document to generate a link for sending email: <syntaxhighlight lang="html"><a href="mailto:someone@example.com">Send email</a></syntaxhighlight>

Clicking on the hyperlink automatically opens the default email client, with the destination email address pre-filled.

It is possible to specify initial values for headers (e.g. subject, cc, etc.) and message body in the URL. Blanks, carriage returns, and line feeds cannot be directly embedded but must be percent-encoded:<ref>{{Cite web|url=https://developer.mozilla.org/en-US/docs/Learn/HTML/Introduction_to_HTML/Creating_hyperlinks|title=Creating hyperlinks § E-mail links|website=MDN Web Docs|language=en|access-date=2019-09-30}}</ref> <syntaxhighlight lang="html"><a href="mailto:someone@example.com?subject=This%20is%20the%20subject&cc=someone_else@example.com&body=This%20is%20the%20body">Send email</a></syntaxhighlight>

Multiple addresses can be specified:<ref name="rfc6068"/> <syntaxhighlight lang="html"><a href="mailto:someone@example.com,someoneelse@example.com">Send email</a></syntaxhighlight>

The address can be omitted: <syntaxhighlight lang="html"><a href="mailto:?subject=mailto%20with%20examples&body=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FMailto">Share this knowledge...</a></syntaxhighlight>Only the initial header should be prepended with a question mark. All subsequent headers require an ampersand. If this convention is not followed, the scheme will not properly copy over the headers to the email client.<ref>{{Cite web|title=RFC 6068|url=https://datatracker.ietf.org/doc/html/rfc6068#section-6.1|website=IETF Datatracker}}</ref>

==Security and privacy== {{see also|Address munging}}

A number of security issues are mentioned in [https://datatracker.ietf.org/doc/html/rfc6068#section-7 RFC 6068], one of them being robotic address harvesting. Mailto constructs are locatable within HTML pages by automated means which typically include the use of DOM constructs or regular expressions. Addresses harvested by such means are liable to be added to spammers' mass-mailing lists and thus to receive large amounts of unwanted mail.

While methods exist to "harden" mailto links against harvesting—address munging and JavaScript-based address obfuscation among them—these protections can be circumvented by sufficiently sophisticated harvesting robots. Other techniques, like walling the address behind a CAPTCHA or similar "humanity check", provide security on par with that available for other contact methods, most notably web forms, which experience similar challenges with preventing spam.

== References == <references /> {{URI scheme}}

Category:Email Category:URI schemes Category:Web 1.0