Obfuscate an email address to avoid harvesting by spambots;
according to Project Honeypot,
a substantial fraction of email addresses targetted for spam are
harvested from Web pages.
Tim Williams's obfuscator, which generates
See also CMU's CAPTCHA project to make OCR-resistant text images.
mailto obfuscation is ipso facto impossible, since the web client has all the information it needs to decode the mail address.
But you can make it difficult, pretty much requiring a user to be running a regular web browser manually.
For instance, the script might require cookies enabled, or may only work within a short time of the page
being loaded, or may only work in the same user agent as was used to download the page, or may have a throttle and not respond to multiple requests from the same ip address.
These precautions are probably not necessary for a small site; trivial obfuscation is likely good enough.
If all that is needed is a way to send comments, then a Web form which sends mail to a fixed
address may be sufficient. (Note: scripts which send mail to an address coded in the HTML
are dangerous - they have been exploited to send spam).