The mailto URI scheme, as registered with the Internet Assigned Numbers Authority (IANA), defines the scheme for Simple Mail Transfer Protocol (SMTP) email addresses. It allows users clicking a link in a website to send an e-mail without first having to copy the destination e-mail address and open an e-mail client. Though its use is not strictly defined, URLs of this form are intended to be used to open the new message window of the user's email client when the URL is activated, with the address as defined by the URL in the "To:" field.    
Using "mailto" within a HTML document to generate a link for sending email:
<a href="mailto:firstname.lastname@example.org">Send email</a>
It is also possible to specify initial values for headers (e.g. subject, cc, etc.) and message body in the URL. Blanks, carriage returns, and linefeeds cannot be embedded but must be percent-encoded.
<a href="mailto:email@example.com?subject=Thisfirstname.lastname@example.org&body=This%20is%20the%20body">Send email</a>
Multiple addresses can also be specified:
<a href="mailto:email@example.com,firstname.lastname@example.org">Send email</a>
The address can also be omitted:
<a href="mailto:?to=&subject=mailto%20with%20examples&body=http://en.wikipedia.org/wiki/Mailto">Share this knowledge...</a>
Mailto clickable links do not always function correctly for the site visitor. The software mechanism activated by the link requires that a default email client be established on the computer. This must be a local program, typically using the SMTP protocol to send outbound mail. With the rise in use of webmail-based email, many computers lack local email client software. Alternatively, email client software may have been preinstalled by the computer vendor, but never used or configured. When such a visitor clicks on a mailto URI in their web browser, either the browser will display an error to the effect that no default email client exists, or the user will be subjected to a volley of technical questions by the unconfigured email client. Neither is a desirable outcome. Some web browsers such as Opera, Firefox, and Chrome may be able to redirect clicks on mailto links to a chosen webmail service, but Internet Explorer as well as other browsers have no such capability.
Usually browsers have length limits of URL and it causes text length limits of sending emails.
Security and privacy
A number of security issues are mentioned in RFC2368, however the greatest concern is that of robotic address harvesting. Mailto constructs are locatable within HTML pages by automated means which typically include the use of DOM constructs or regular expressions. Addresses harvested by such means are liable to be added to spammers' mass-mailing lists, and to thus receive large amounts of unwanted mail.
A number of methods exist to 'harden' mailto links against harvesting. However, these methods are not guaranteed to remain effective if the technology of harvesting robots is improved. Therefore, there exists an argument for the deprecation of the mailto URI in favor of other means of providing contact facilities, such as online forms. Online forms, however, experience similar challenges with preventing spam, which has led to the introduction of CAPTCHAs, 'humanity checks' and other anti-spam measures.
- Kyrnin, Jennifer. "The Mailto Command". About.com Web Design/HTML. Retrieved December 9, 2012.
- RFC 2368 (Jul 1998) : by Paul Hoffman discusses operation of the "mailto" URL in chapter 3 (superseded by RFC 6068).
- RFC 6068 (Oct 2010) : replaces RFC 2368 (changes are mentioned in chapter 9).
- Description of mailto syntax