Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is E-Mail Obscuration Worth It?

Posted by Cliff on from the minor-annoyances dept.

ThenAgain asks: "Many sites obscure e-mail addresses by adding noise (like 'STOPSPAM') or by translating the punctuation into words (Ex: 'me at domain dot com'). This makes users feel good but does it actually help? Ten lines of perl could defeat any of the present schemes with ease and the spammers have shown plenty of adaptability. So if we're not helping hold back the flood of spam, why are we decreasing the utility of the web by eliminating mailto tags and forcing users to hand-correct the addresses in their mail clients?"

8 of 204 comments (clear)

  1. first post? by Sdevine · · Score: 5, Insightful

    I'd say the obfuscation makes us feel better and the spammers don't care anyway. they have millions of addresses and more everyday from folks who don't take a second to obfuscate..

  2. Because... by Hanji · · Score: 5, Interesting

    Ten lines of perl could defeat any of the present schemes with ease...

    Yes, but, for now at least, there are still plenty of addresses from people who don't spam-guard, enough that writing those 10 lines of perl isn't even really worth it.

    Also, if you have your address spam-guarded, it's effectively a message to the spammers that, "I'm not one of the .01% of people who responds to this crap, and anything you send me will just hit my spam-filter anyways, so don't even try."

    And they don't, because it's just not worth it for both those reasons.

    --
    A Minesweeper clone that doesn't suck
  3. slashdot@davidcole.net by DavidCole · · Score: 5, Informative

    What I usually do is, whenever possible, to put who I'm giving my email address to as the initial part of the email address, ie. slashdot@davidcole.net so I will at least know who the jerk is who sold my address.

    Otherwise, I use a hotmail account to commonly give out. Obfuscated email addresses are obnoxious.

    --
    David Cole
    www.davidcole.net
  4. According to this it works... by Nemozob · · Score: 5, Interesting

    A study by the Center for Democracy & Technology in 2002 concluded that by either replacing email addresses with the HTML equivalent or human-readable equivalents like "example at domain dot com" signficantly cut down on spam. From their Major Findings: "E-mail addresses posted to Web sites using these conventions did not receive any spam." While, yes, it's relativley easy to write a script that would recombine the addresses, apparenlty most harvesters for whatever reason just aren't. My email address, which is posted online, is 'hidden' in HTML and I get very little spam after many years of having it up.

  5. Harvesting addresses is like picking cotton. by Anaxagor · · Score: 5, Interesting

    Go have a look around cotton fields just after harvest. Literally tons of the stuff is left behind at the edges of fields, blown along the roadside, lying on the stubble etc. Sure, you could go along and pick it up but the cost of doing so would outweigh the price you'd get for the extra x bushels you'd collect.

    It's the same with e-mail addresses - why should a spammer go to the trouble of modifying their bots to detect obscured addresses, when there are plenty of unobscured ones ready for harvest?

    I'm sure some spammers do try to pick up obscured addresses, but until they start running out of unobscured addresses, they'll keep going for the masses of low hanging fruit and not bother with the rest.

    Of course, obscurity doesn't save your address from brute forcing...

  6. Re:try this by gmhowell · · Score: 5, Funny

    Also, us Americans are woefully ignorant, even of our own geography. I was going to send mail to poughkeepsie354@hotmail.com

    --
    Jesus was all right but his disciples were thick and ordinary. -John Lennon
  7. My technique... by Txiasaeia · · Score: 5, Funny
    ...is to make an address completely unreadable to anybody but a human. For example:

    kajohnson@hotmail.com BECOMES
    kay_a_sonofjohn_atuh_hawtmayled0tcawm_(first_word_ letter_second_word_letter_switchfifthandthird_word _getridof_of_restofaddress_is_phoenetic)

    Sure, it's brutal to decipher, but there's no way a machine can poke through that mess. Fun for the receiver to figure out too :)

    --
    Condemnant quod non intellegunt.
  8. Re:10 Lines? by ThenAgain · · Score: 5, Funny
    Cool.. So, what ten lines do you recommend?

    Here it is in nine:

    #! /usr/bin/perl

    while(<>) { while(/([a-z0-9]+\@[a-z0-9.]+\.(com|org|net))/gi) { $a = $1;
    $a =~ s/[A-Z]+[0-9]*[A-Z]*//;
    print("$a\n");
    } while(/([a-z0-9]+ at ([a-z0-9]+ dot)+ (com|org|net))/gi) { $a = $1;
    $a =~ s/ at /\@/i;
    $a =~ s/ dot /\./ig;
    print("$a\n"); } }

    A real Perl hacker could probly do it in three, in the shape of a camel.