mailto
The mailto URI scheme is a standard protocol defined by the Internet Engineering Task Force (IETF) for creating Uniform Resource Identifiers (URIs) that identify resources accessible via Internet mail, primarily enabling hyperlinks to open a user's default email client with a pre-filled message including the recipient's address and optional elements like subject or body text.[1] Originally introduced in RFC 1738 in 1994 as part of the initial URI specifications, the mailto scheme was revised in RFC 2368 in 1998 to expand support for email headers beyond just the address, and further updated in RFC 6068 in 2010 to enhance compatibility with Internationalized Resource Identifiers (IRIs) and UTF-8 encoding for non-ASCII characters.[2][1] This evolution ensures broader internationalization while maintaining backward compatibility, though it does not fully address email address internationalization as covered in separate standards like RFC 4952.[1] In its basic form, a mailto URI consists of the prefix "mailto:" followed by an email address (e.g.,mailto:[email protected]), with optional query parameters after a "?" delimiter to specify headers such as subject, cc, bcc, or body, where multiple parameters are joined by "&" and values are percent-encoded for special characters.[1] For instance, mailto:[email protected]?subject=Hello&body=Message prepares an email draft addressed to the recipient with the given subject and body.[1]
Commonly employed in web development, mailto URIs are integrated into HTML <a> elements to create clickable links that trigger email composition directly from browsers, without requiring server-side processing, though success depends on the user's configured email application and may expose addresses to spam risks if overused. Key supported headers include to for the primary recipient, cc and bcc for additional addresses, subject for the message title, and body for initial content, but arbitrary headers are permitted as long as they conform to Internet mail standards.[1] Limitations include no guarantee of delivery, potential security concerns like phishing via malicious links, and variable client support for complex parameters.[1]
Overview
Definition
The mailto URI scheme is a standardized uniform resource identifier (URI) scheme defined in accordance with the generic syntax of RFC 3986, specifically designed to identify resources associated with Internet mail addresses and to facilitate the composition of new email messages within mail user agents (MUAs).[1] As outlined in RFC 6068, a mailto URI primarily specifies one or more email addresses as recipients, optionally including additional message components such as subject lines, carbon copy recipients, and body text, which are passed to the user's preferred email client to pre-populate a new outgoing message.[1] In operation, a mailto URI serves as a mechanism to trigger actions in email software, such as launching an MUA and initiating message composition, rather than retrieving or accessing pre-existing content from a remote server.[1] This distinguishes it from other URI schemes like http or ftp, which are oriented toward fetching and interacting with resources over networks, whereas mailto focuses on local client-side email generation without implying data retrieval from an external source.[1] A fundamental aspect of the mailto scheme is its role in enabling the creation of new email messages exclusively, without providing means to access or retrieve archived or existing correspondence.[1] This scheme originated in the early specifications for uniform resource locators, as initially described in RFC 1738.Purpose and applications
Themailto URI scheme serves primarily to designate an Internet mailing address, enabling the creation of hyperlinks or commands that launch a user's default email client with a pre-populated message template, including the recipient's address and optional elements such as subject, body text, and additional headers. This allows for direct initiation of email composition without requiring the user to manually enter details, facilitating seamless transitions from digital documents or interfaces to email interactions.[3]
In web development, mailto URIs are commonly integrated into hyperlinks on websites, such as "contact us" buttons or email icons, to provide a straightforward method for visitors to send inquiries directly from the page, bypassing the need for server-side form processing and reducing website maintenance overhead. For instance, a simple link can pre-fill the recipient field with a support email address, streamlining user outreach for e-commerce sites, blogs, or informational pages. Beyond the web, desktop applications leverage mailto by registering as protocol handlers in operating systems, allowing quick emailing features within productivity software or browsers, where clicking a mailto link automatically opens the configured email application with the specified details.[4]
The scheme's applications extend to programmatic contexts, such as automated email requests in mailing list management, where mailto URIs can trigger subscription or unsubscription actions by pre-filling the message body with commands, enhancing user self-service without custom backend implementations. Additionally, it supports interoperability in various applications and protocols for email-related workflows. Overall, mailto simplifies user interactions by bridging web and email ecosystems client-side, promoting accessibility and efficiency while avoiding dependencies on external servers or complex APIs.[3]
History
Initial definition
The mailto URL scheme was first formally introduced in December 1994 as part of the specifications for Uniform Resource Locators (URLs) in RFC 1738, which outlined a framework for identifying and accessing resources on the Internet.[5] This scheme was one of several early URI schemes designed to standardize the notation for various Internet resources, enabling consistent referencing across protocols and applications.[5] Developed during the rapid expansion of the World Wide Web in the mid-1990s, the mailto scheme aimed to facilitate the creation of hyperlinks in HTML documents that could directly invoke email composition by specifying recipient addresses.[5] At the time, the web's growth necessitated simple mechanisms for integrating email functionality, allowing users to click on a link to open their default mail client with a pre-filled recipient field, thereby bridging hypertext navigation with electronic mail systems.[5] The initial version of the mailto scheme was highly limited, supporting only the designation of an Internet mailing address without any additional parameters, headers, or body content.[5] Specifically, its syntax was defined asmailto:<[rfc](/page/RFC)822-addr-spec>, where the address followed the encoded format from RFC 822, and no reserved characters or further information could be implied or included.[5] Unlike other URL schemes, mailto did not point to a retrievable data object but rather served as a trigger for mail user agent actions.[5] This basic design was later expanded in subsequent RFCs to accommodate more complex email interactions.
Subsequent updates
In July 1998, RFC 2368 extended the mailto URL scheme to support the inclusion of message headers, such as subject, cc, bcc, and body content, thereby updating and superseding aspects of the earlier specifications in RFC 1738 and RFC 1808.[2] This update enabled more structured email composition triggers while maintaining compatibility with basic address designation. Subsequently, in October 2010, RFC 6068 obsoleted RFC 2368 and refined the mailto URI scheme to align with the generic URI syntax in RFC 3986.[1] Key refinements included support for Internationalized Resource Identifiers (IRIs) to handle non-ASCII characters, clarified rules for percent-encoding of parameters, and the deprecation of the body parameter's quoted-printable encoding in favor of direct URI encoding.[1] No major updates to the mailto scheme have occurred since RFC 6068, which established it as a stable Proposed Standard within the Internet Engineering Task Force (IETF) framework.[3]Syntax
URI format
Themailto URI scheme follows the generic syntax defined in RFC 3986 for Uniform Resource Identifiers (URIs), where a URI consists of a scheme followed by a hierarchical part, optional query, and optional fragment, expressed as scheme ":" hier-part [ "?" query ] [ "#" fragment ].[6] For mailto, the scheme is fixed as "mailto:", and the hierarchical part is rootless or empty, placing the primary email address(es) directly in the path component without an authority prefix like "//".[1] The overall form is thus mailto:local-part@domain (or multiple comma-separated addresses), adhering to the addr-spec from RFC 5322 for the local-part and domain.[1]
In the generic URI syntax, an optional authority component—preceded by "//" and potentially including userinfo (e.g., username:password@), host, and port—may appear after the scheme, but this is not used in mailto URIs; the email address instead forms the path, treating the scheme as non-hierarchical and opaque beyond the initial delimiter.[7] The userinfo subcomponent of authority, when present in other schemes, is deprecated due to security risks such as inadvertent exposure of credentials.[8] For mailto, the path component holds one or more addr-spec values (e.g., local-part@[domain](/page/Domain)), optionally followed by a query component starting with "?" to include additional parameters as key-value pairs separated by "&".[1]
Encoding in mailto URIs requires percent-encoding for reserved characters (such as /, ?, #, &, ;, =, and space as %20) to prevent delimiter conflicts, using the standard %HH form from RFC 3986.[9] Non-ASCII characters, including those in internationalized email addresses, are first converted to UTF-8 byte sequences and then percent-encoded (e.g., "café" becomes caf%C3%A9).[10] This ensures compatibility with the scheme's syntax while supporting global address formats per RFC 5322. The query component extends this structure for header-like parameters, but its details are scheme-specific.[1]
Supported headers
Themailto URI scheme supports a limited set of standard email headers as query parameters to pre-populate message fields when a client application, such as an email program, processes the URI.[1] These headers are appended to the URI after a question mark (?), with multiple parameters separated by ampersands (&), in the format ?header=value&header2=value.[1] For instance, mailto:[email protected]?subject=Test&[email protected] specifies a subject and carbon copy recipient.[1] All header values must conform to the syntax rules in RFC 5322 for email addresses and header fields, with reserved characters percent-encoded (e.g., spaces as %20, line breaks in body as %0D%0A).[1][11]
The primary recipient is implied by the path component of the URI (an email address or comma-separated list thereof), but additional recipients can be specified via the to header for clarity or multiple addresses.[1] The to header value follows RFC 5322's <addr-spec> format, allowing multiple addresses separated by commas (e.g., [email protected],[email protected]).[1][11]
The subject header provides a plain text subject line for the message, encoded as a case-sensitive value without additional structure.[1] The cc header adds carbon copy recipients in the same format as to, listing secondary addresses visible to all parties.[1] Similarly, the bcc header specifies blind carbon copy recipients, also in <addr-spec> format, though their inclusion in the URI makes them visible to anyone inspecting it.[1][11]
The body header contains the message body as plain text only, intended for the first text/plain part of the email; it supports no HTML, multipart MIME types, or other encodings beyond UTF-8 and percent-encoding.[1] Line breaks must be explicitly encoded as %0D%0A to ensure compatibility, and while RFC 5322 limits individual header lines to 998 characters (including folding), the URI's practical length constraints apply to the entire body value.[1][11]
Optionally, the in-reply-to header can reference a message ID for threading purposes, using a value like %3C3469A91.D10AF4C%40example.com%3E (percent-encoded).[1] The references header similarly links to one or more prior message IDs, comma-separated and encoded, though both are infrequently implemented in modern clients.[1] Duplicate headers are not recommended, as handling varies across implementations (e.g., using the first occurrence or concatenating values).[1]
Usage
In web documents
In HTML documents, themailto URI scheme is utilized as the value for the href attribute within <a> elements to establish hyperlinks that facilitate email communication. For instance, an anchor tag configured as <a href="mailto:[email protected]">Send Email</a> enables users to initiate an email draft upon activation. This integration is defined in the HTML specification, where mailto is recognized as a valid URL scheme for hyperlinks.
When a user activates a mailto link in a web browser, the browser typically invokes the operating system's default mail user agent (MUA), such as Microsoft Outlook or Mozilla Thunderbird on desktop systems, pre-populating the recipient field and any specified headers like subject or body. On mobile devices, this action commonly launches the native email application, such as the Mail app on iOS or Gmail on Android, depending on user-configured defaults. If no local MUA is available, certain browsers like Google Chrome may redirect to a configured webmail service, such as Gmail, to handle the request.[12]
For accessibility compliance, mailto links require descriptive link text that conveys the purpose, such as "Contact support" instead of merely displaying the email address, to ensure screen readers announce the action clearly to users with visual impairments. Additional ARIA attributes, like aria-label, can enhance this by providing supplementary descriptions when the visible text alone is ambiguous, aligning with WCAG guidelines for perceivable and operable content. Mobile considerations include ensuring touch-friendly link sizes, as activation seamlessly transitions to the device's email interface without disrupting the web experience.[13]
Modern browsers impose limitations on mailto links for security, preventing JavaScript from directly intercepting or automating their activation without explicit user gestures to mitigate potential abuse, such as unsolicited email launches. Consequently, in scenarios where a default MUA may not be present—particularly on shared or restricted devices—implementing fallback mechanisms like server-side web forms is recommended to guarantee consistent functionality and user control.[14]
In applications and protocols
Themailto URI scheme extends beyond web contexts into desktop applications, where it serves as a mechanism for embedding interactive email links within documents and interfaces. In applications like PDF viewers, such as Adobe Acrobat, users can create hyperlinks using the mailto scheme to enable direct initiation of email compositions from within PDF files; for instance, selecting text and linking it to a mailto URI prompts the default mail user agent (MUA) upon clicking, facilitating contact forms or support requests embedded in documents.[15] Similarly, word processors like Microsoft Word support inserting mailto hyperlinks via the Insert Hyperlink dialog, allowing users to associate selected text or objects with an email address, subject, and body parameters, which opens the system's default email client when activated.[16] This integration enhances document interactivity without requiring external scripting, relying on the application's URI handling capabilities to delegate to the OS-level MUA.
In communication protocols, mailto integrates with systems like XMPP to provide auxiliary contact mechanisms, particularly for service discovery and user addressing. Within the Extensible Messaging and Presence Protocol (XMPP), as defined in extensions like XEP-0157, mailto URIs are used in service discovery responses to advertise email contact points for XMPP entities, such as abuse reporting or administrative support; for example, a server might return <mailto:[email protected]> alongside XMPP addresses to enable email-based interaction with chat services.[17] This supports hybrid communication scenarios, including gateways that bridge XMPP chats to email for interoperability. These uses leverage mailto's standardized format to complement protocol-specific addressing, fostering unified user directories across messaging platforms.
Programming languages incorporate mailto support through APIs that invoke the system's default MUA, simplifying email initiation in applications. In Java, the java.awt.[Desktop](/page/Desktop) class provides the mail(URI) method, which constructs a mailto URI and launches the associated email client; for example, Desktop.getDesktop().mail(URI.create("mailto:[email protected]?subject=Hello")) populates the recipient and subject fields directly.[18] Python's webbrowser module offers a similar high-level interface via webbrowser.open('mailto:[email protected]'), which delegates to the OS to open the default browser or handler for the URI, effectively starting an email draft without low-level email library dependencies.[19] These APIs abstract URI scheme handling, ensuring cross-application compatibility while adhering to the underlying protocol's parameters like CC, BCC, and body content.
Cross-platform handling of mailto occurs at the operating system level through URI scheme registration, enabling seamless delegation to default applications regardless of the invoking software. On Windows, the registry stores protocol associations under keys like HKEY_CLASSES_ROOT\mailto\shell\open\command, where applications register as handlers to process mailto invocations, allowing the system to launch the configured MUA such as Outlook upon encountering the URI.[20] On macOS, Launch Services manages these associations via the application's Info.plist file, using keys like CFBundleURLTypes to declare support for the mailto scheme, after which the system queries and activates the appropriate handler through the Launch Services database for consistent behavior across apps.[21] This OS-level abstraction ensures that mailto functions uniformly in diverse environments, from native apps to scripted invocations, by centralizing scheme resolution.
Examples
Basic examples
Themailto URI scheme enables the creation of hyperlinks that, when activated, launch the user's default email client to compose a message. In its simplest form, a mailto URI specifies a single recipient's email address, prompting the client to open a new email addressed to that individual. For example, the URI mailto:[email protected] directs the email client to prepare a message to [email protected] with no additional fields pre-filled.[1]
To include a predefined subject line, the URI appends a query parameter using the subject header. This allows the email client to automatically populate the subject field upon opening. A basic instance is mailto:infobot@[example.com](/page/Example.com)?subject=current-issue, where the subject "current-issue" is set for the message to infobot@[example.com](/page/Example.com).
For addressing multiple recipients in the primary "To" field, email addresses are separated by commas within the URI's authority component. This results in all specified addresses being listed as direct recipients. An example is mailto:joe@[example.com](/page/Example.com),bob@[example.com](/page/Example.com), which opens an email client with both joe@[example.com](/page/Example.com) and bob@[example.com](/page/Example.com) in the "To" field.
Handling international or non-ASCII characters requires percent-encoding to ensure compatibility across systems, as per URI encoding rules. For instance, an email address containing accented characters, such as café@example.com, must be encoded as mailto:caf%C3%[email protected], where é is represented by its UTF-8 bytes in hexadecimal form (%C3%A9). This prevents parsing errors in email clients.[1]
Advanced examples
Advanced mailto URIs can incorporate multiple headers to pre-populate email fields such as carbon copy (cc), subject, and body, enabling more complete message preparation. For instance, the URImailto:[email protected][email protected]&subject=Hello&body=Hi specifies the primary recipient, adds a cc recipient, sets the subject line, and includes a brief body text, allowing the user's email client to launch with these details filled in. This multi-header approach is defined in the mailto URI specification, which permits headers to be chained using ampersands after the initial question mark.[1]
To handle multiline content in the body, special encoding is required for line breaks, as the URI must remain a single, valid string. The sequence %0D%0A represents a carriage return followed by a line feed (CRLF), the standard for email line endings. An example is mailto:[email protected]?body=send%20current-issue%0D%0Asend%20index, where the body instructs an automated service to send two items across lines. This encoding ensures compatibility with URI syntax rules while preserving the intended message structure.[1]
For email threading, the in-reply-to header can reference an existing message identifier, facilitating conversation continuity. The URI mailto:[email protected]?In-Reply-To=%3C3469A91.D10AF4C%40example.com%3E sets the reply header to a specific message ID (encoded with percent signs for angle brackets), which email clients use to link the new message to the thread. This feature supports standard email protocols for maintaining discussion context.[1]
A common edge case arises with overly long body content, where the URI exceeds practical limits for header fields. Email standards recommend that no header line surpass 998 characters to ensure reliable transmission across systems. If a mailto URI's body parameter generates a line longer than this threshold—such as a verbose, unencoded message—it may be truncated by the email client or mail server, potentially corrupting the intended content. Implementers must therefore encode and constrain body text to avoid such issues.[11]
Security and privacy
Risks and vulnerabilities
One significant privacy risk associated with mailto URIs is the exposure of email addresses when they are embedded in publicly accessible web pages or documents, allowing automated bots to harvest them for spam distribution.[1] This vulnerability arises because the URI scheme directly includes the recipient's address in plain text within the HTML source code, which web crawlers can easily parse and extract.[1] Additionally, browser histories or logs from network intermediaries (e.g., proxies) that record interactions with these URIs may inadvertently store email addresses, further increasing the potential for unauthorized access and misuse in targeted spam or phishing campaigns.[23] Security vulnerabilities in mailto URIs stem from their integration with email clients, where poorly implemented handlers in mail user agents (MUAs) can enable remote code execution or other exploits. For instance, certain desktop email clients, such as older versions of Microsoft Outlook, have been susceptible to attacks triggered by specially crafted mailto links that exploit inadequate parameter validation, potentially leading to arbitrary code execution without user interaction beyond clicking the link.[24] More recent examples include shell command injections and Emacs Lisp code injections in Emacs 28.1 through 28.2 via crafted mailto URIs (CVE-2023-27985 and CVE-2023-27986).[25] Malicious URIs can also facilitate phishing by incorporating deceptive elements like falsified subject lines or body content that prompt users to disclose sensitive information upon composing the email, as seen in scams exploiting mailto links on platforms like Instagram in 2025.[23] [26] In web contexts, these links serve as an attack vector when embedded in untrusted sites, exploiting MUA weaknesses to initiate unauthorized file attachments or other actions.[23] Header injection represents another critical vulnerability, occurring when unescaped user inputs are incorporated into mailto URI parameters, enabling attackers to append or modify email headers. For example, an attacker could manipulate a URI like mailto:[email protected]?subject=Hello by injecting %0D%0ACC:[email protected], thereby adding unauthorized recipients to the message without the sender's knowledge.[1] This can result in unintended disclosure of message content to third parties or facilitate spam relay through the victim's account.[1] Such injections exploit the lack of strict validation in URI construction, particularly in dynamic web applications. Although the mailto scheme's syntax does not support a userinfo component (e.g., username:password@), malformed URIs attempting to include it in legacy or non-compliant implementations may still process it insecurely, posing risks of credential leakage. This aligns with the broader deprecation of userinfo with credentials in URIs under RFC 3986 to prevent transmission of authentication information in plain text, which could otherwise be intercepted or harvested.[6]Mitigation strategies
To mitigate privacy risks from mailto URIs, such as email address harvesting by bots that can lead to unwanted spam, web developers should prefer server-side contact forms over direct mailto links, as these forms process messages without exposing the recipient's address in client-side code. Contact forms can incorporate CAPTCHA or other bot-detection mechanisms to further reduce abuse. [27] [28] When mailto links must be used, obfuscation methods like JavaScript-based encoding or Cloudflare's Email Address Obfuscation feature can dynamically construct the URI at runtime, rendering the email address invisible to simple scrapers while remaining functional for human users. These techniques split the address into parts (e.g., usingatob for base64 decoding) or rotate characters to evade pattern-matching bots. [29] [30]
For security in applications generating mailto URIs dynamically, strict input validation and sanitization of parameters (e.g., subject, body, cc) are critical to prevent injection attacks, such as SMTP command injection or cross-site scripting. The OWASP Input Validation Cheat Sheet recommends allowlist-based approaches, including regular expressions to enforce RFC 5321-compliant email formats (e.g., limiting local parts to 63 characters and restricting dangerous characters like backticks or null bytes), applied early in the data flow. Additionally, avoid populating the body parameter with untrusted user input, as it could introduce malicious payloads into the composed message. [31]
Mail user agents (MUAs) and browsers should be configured to always prompt users for confirmation before opening an email client or sending a message from a mailto link, disclosing the full intended headers and body to allow review and prevent unauthorized actions. For sites deemed untrusted, integrating webmail fallbacks (e.g., via links to services like Gmail) ensures users can choose secure composition methods without relying on local clients. [10]
To maintain standards compliance and avoid compatibility issues or vulnerabilities, mailto URIs must follow RFC 6068 encoding rules, percent-encoding non-ASCII and reserved characters (e.g., spaces as %20, question marks as %3F) in UTF-8, while eschewing deprecated elements like the userinfo component, which is incompatible with the scheme's syntax. Limiting headers to safe fields (e.g., To, Subject, Body) and avoiding duplicates further ensures interoperability across clients. [32] [10]