all are fairly useless. once your e-mail address gets out (and it will) obfuscating it is pretty pointless and just makes it harder for legitimate people to contact you. if you post to mailing lists, your address is surely out there in plain sight anyway. use a plain mailto: link and block spam at the smtp/mua level.

i've been using the same email address for almost a decade which is now in many mailing list archives, surely a bunch of spammers lists, and on every page of my website as a regular mailto: link with no obfuscation. my mail is filtered with sufficient smtp-level protection and maybe 1 junk message a day actually gets to my inbox.

Second that. My email address is public and forwards to GMail, where the Google spam filter gives one false negative a week and I can't remember a false positive. Google has spam beat.

My Gmail inbox would disagree with you.

I disagree. You want users to have some trust that you're at least trying to do the right thing. I use unique forwarding e-mails for every website I'm signed up to, and I've noticed a lot of spam harvested from Github. It makes me feel less warm & fuzzy about an otherwise excellent website.

Using one of the first two methods in the article is simple, so why not implement it? You're right that spammers will eventually get widely used e-mails, but you can minimize the chance it's your website's fault. The only reason I can see not to do it is cross-browser/accessibility issues. Does anyone know if these techniques cause problems?

What smtp-level protection are you using?

I recently kind of gave up and just relied on the Thunderbird spam filter, in addition to my handcrafted rules.

Now there are already thousands of files in my junk mail folder. It is infeasible to check them by hand, so I'll never learn about any false positives. In other words, email is not a reliable way to reach me anymore :-(

i was using a greylisting approach which filtered a lot of spam, but was annoying for customers who had to wait an hour to receive an initial e-mail from a new contact.

i've since switched back to postini. i haven't seen any changes on way or the other since their google acquisition, but their filtering is very accurate and they offer a webmail-like interface for checking/forwarding spam and adjusting settings.

Greylisting also brought me some relief for a while, but I don't think it is a longterm solution. Will check out postinit, thanks!

Is anyone else surprised by the effectiveness of ATs and DOTs?

Yes. Because if I were writing an email harvester I would handle those. Maybe they are lazy.

I believe it's a matter of complexity vs reward. There are already so many unobfuscated addresses available on the internet, that it's not really "worth it" to spend extra time parsing even simple obfuscation techniques. Something about low-hanging fruits?

I usually just put my email into an image and leave it at that. As previous people have said though, it is only a matter of time before your email gets on some lift. Ultimately it all comes down to the quality of your spam filter :-).

Also see http://jeaig.org/

Images are annoying because you can't copy and paste the address. I would suggest http://www.albionresearch.com/misc/obfuscator.php it's not perfect, but it's the best you can do and still allow clicking the address, and not use javascript.

While this seems like a nice, little tool, I find (as already mentioned in this thread) obfuscating emails a pointless endeavour.

In the end you will need a spam-filter anyway.