Slashdot Mirror


Is E-Mail Obscuration Worth It?

ThenAgain asks: "Many sites obscure e-mail addresses by adding noise (like 'STOPSPAM') or by translating the punctuation into words (Ex: 'me at domain dot com'). This makes users feel good but does it actually help? Ten lines of perl could defeat any of the present schemes with ease and the spammers have shown plenty of adaptability. So if we're not helping hold back the flood of spam, why are we decreasing the utility of the web by eliminating mailto tags and forcing users to hand-correct the addresses in their mail clients?"

7 of 204 comments (clear)

  1. first post? by Sdevine · · Score: 5, Insightful

    I'd say the obfuscation makes us feel better and the spammers don't care anyway. they have millions of addresses and more everyday from folks who don't take a second to obfuscate..

  2. 10 Lines? by swdunlop · · Score: 4, Insightful

    Cool.. So, what ten lines do you recommend?

    Give us 10 lines of perl that will harvest armored email accounts out of a large document, with at least half of the harvested addresses actually usable, and at least half of the potential addresses harvested.

    The point is to make the harvesting costly, and reduce the usefulness of spam address harvesting. I maintain three email accounts. One that is used publicly, like here on Slashdot, one that is used for business transactions, like ordering things from Amazon, etc, and one that is a throwaway for registering accounts with various online services.

    Of the three, the first one, which is displayed widely, on K5, Slashdot, Groklaw, LiveJournal, and a lot of other heavily trafficed community sites, does not receive any spam of note. The second gets a pretty steady flow.. And the third.. Well.. The third is redirected to /dev/null most days, unless I'm looking for one of those precious "email validation" messages.

    Btw, that first email address has been in use for over three years, now.

    1. Re:10 Lines? by daviddennis · · Score: 4, Insightful

      I could picture someone writing a truly humungous program to get all known variations. You could get one or two variations with 10 lines of Perl, but there are hundreds of different NOSPAM schemes out there, and each one would need a few lines to parse.

      davidNOSPAM@amazing.com
      david at amazing.com
      davidATamazingDOTcom
      david@amazing.M OC (with verbal instructions to reverse it)
      etc

      I don't bother spamguarding my address because I like to make it easy for people to contact me, and because my email address, in use since 1993, is pretty much everywhere anyway.

      Quite honestly postal spam bothers me more than email, since I have to physically dispose of it all ...

      D

  3. try this by Joe+the+Lesser · · Score: 3, Insightful

    email:(Thecapitalofnewyorkstate)354@hotmail.com.fi llintheblank.

    no program is gonna figure it out, unless they knew the algorithm, which they likely don't. It's always *possible* to outmanuever the spammers in some way or another.

    Whether it's worth the hassle, is of course, your call.

    (albany354@hotmail.com is not my actual email address, so feel free to spam it.)

    --
    "I only speak the truth"
    Karma: null(Mostly affected by an unassigned variable)
    1. Re:try this by Craigj0 · · Score: 3, Insightful

      >email:(Thecapitalofnewyorkstate)354@hotmail.com.f i llintheblank.
      >no program is gonna figure it out, unless they knew the algorithm, which they likely don't. It's always *possible* to outmanuever the spammers in some way or another.
      >Whether it's worth the hassle, is of course, your call.

      Remember it is not just a hassle for the creator of the email address. It is also a pain in the ass for everyone else. I for one hope I never have to send an email to someone doing that type of masking. How many of us non americans know what the capital of new york state is? I for one will not be looking it up unless I really need to email you.

  4. Re:Because... by Babbster · · Score: 4, Insightful
    A couple things:

    1. Writing those "ten lines of perl" is indeed worth it if you want the addresses from the site doing the obfuscation, especially if you know something about those contributing to the site and want to target particular types of people (probably not done often by spammers as they obviously prefer the shotgun approach). Spamming is a business and they can afford to pay programmers - and they DO, given that there are companies out there making software to service spammers.

    2. If the obfuscation is automatic or defaults to "on" there really is no message being sent by the owner of the address.

    I leave my address open (here and elsewhere) for two reasons: I don't really care what drops into that particular inbox and there's enough filtering on it, local and remote, that it's still useful as an open contact point.

  5. Re:Because... by Weh · · Score: 3, Insightful

    I suspect that the email harvesters don't really care about the person behind the email address, all they want is lots of valid email addresses which they can sell to spammers.