

Do you think the whole email me at XXXXXX[at]XXXXXX[dot]com fools the spammers? - vaksel

I dunno seems like if I was going to design a bot, I'd put in the few simple combinations that the people try to use to fool it.
======
patio11
Why think when you can measure.

[http://techblog.tilllate.com/2008/07/20/ten-methods-to-
obfus...](http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-
mail-addresses-compared/)

That said, I use Gmail, and simply don't suffer enough from spam to bother
with any other method to reduce it. (And I say this as a guy who was employed
writing anti-spam filters for a while.)

~~~
nitrogen
Unfortunately, when copying and pasting the right-to-left version, the text
becomes left-to-right again (i.e. backward).

------
jaddison
It won't fool all of them, but for the ones who haven't got somewhat more
sophisticated spider-bots, it will.

Cutting down on spam is almost as good as eradicating it - in the sense that
it's damn near impossible to eradicate it anyhow.

~~~
jaddison
In fact, I think the best method is to get your own domain, set up Google Apps
for you domain. Then you can set the catch all address, and for every website
you need an email address for, you use <website>@<yourdomain>.com (eg
amazon@example.com and msdn@example.com.

Email to amazon and msdn addresses would autoforward to your catchall address
- if you found that msdn was spamming you too much, then you can just mark
anything coming in on that address as spam. (if their unsubscribe didn't work,
that is.

It's a great way to find out who sells their email lists (or has had them
stolen). "doostang.com" is a great example of this - I receive a ton of spam
from other companies based on the email I used on their website.

Just FYI.

~~~
arantius
> Then you can set the catch all address, and for every website you need an
> email address for, you use <website>@<yourdomain>.com (eg amazon@example.com
> and msdn@example.com.

I do exactly that, BUT with one critical difference:

I once had a catch-all address set up for everything@example.com, but I got
lots of spam to random made-up addresses. I now use
everything@sub.example.com, and I don't see any spammers making up addresses
within my subdomain.

Where this unfortunately breaks down seriously is those sites that _require_
you to log in with an email address, and require you to share that login with
other people. Especially paypal -- I get spam to my paypal address, because
anyone I've ever bought anything from on ebay knows that address. And there is
no way to both use that service and keep my email private. There's a variety
of similar sites out there.

------
jacquesm
Absolutely not, so that's why my email address is in plain sight where ever I
go.

Spam filters are there to take care of spam, not silly rules that are
trivially easy for computers to deal with but harder for humans (who might be
scanning for the '@' character on a page simply to see if there is an email
address there).

------
wvenable
People seem to think that spam bots are fairly stupid, but I've played the cat
and mouse game with them and they've been surprisingly smart. I added an
encoded cookie to the main page of the site which you needed to post but spam
bots had no little trouble with that. On another site, I used simple math
captcha -- but it was too simple and didn't even last a day. It seems to me
that simple replacements, such as the above, would be the first thing most
bots would handle.

~~~
fab13n
The incentives are different between spam comment blogs and e-mail spam.

Spam primarily sells shitty stuff for unsophisticated people: if you're bright
enough to obfuscate your address, even with [AT] ... [DOT], chances to sell
you herbal Viagra or to phish your SSN are very low, there's little point
collecting your e-mail address.

OTOH, when spammig your blog comments, the primary audiences are readers and
bots, so your net-literacy isn't a disincentive to spam.

~~~
igrekel
If what you do is sell a library of email addresses, it doesn't really matter
if the emails are of likely "customers" or not they just need to be emails
with someone at the other end.

------
ErrantX
I used to do this alot; the problem is if you forget or slip once, or a spider
is designed to scrape emails matching your pattern then it's worthless.

The way to look at it is "security through obfustication" - which most people
would agree is bad :)

Ultimately I found a better solution: Gmail. Catches almost all of the spam I
get - and filters catch newsletters etc. that "slip through" and get them out
of the inbox.

------
walesmd
I don't think it hurts anything. It only takes me a second and if someone
really wants to email me they will be willing to put it all together. If it
stops one spam message it was worth it.

On the other hand, GMail's spam filter is so good these days I rarely notice
spam so I really shouldn't care whether a bot snatches up my email address or
not. Guess it's just habit from the pre-Google years.

------
jonathanberger
I've experimented lately with both a company info@ address on a company
homepage and personal e-mail on my own homepage.

Given Gmail's excellent spam filter, I think the practice of disguising an
e-mail address is no longer necessary. I haven't received spam on either
address.

Has anyone else experimented recently and found something different?

~~~
m_eiman
"Everyone" is saying that GMail's spam filtering works very well, but how
about other mail apps? I've been using Apple Mail for several years, and it's
spam detection works nearly perfectly too.

------
praptak
On the contrary. For that reason I use plain Engrish to obfuscate my email
address. Something like "To get my email address, append @gmail.com to my last
name."

I was tempted to use a Python snippet for that, but decided that maybe some
non-geeks should be able to email me too.

~~~
ramchip
It's possible to be a geek and not use Python too ;)

~~~
scythe
Python is similar enough to most other programming languages (and has a
relatively small featurelist) that it's usually pretty easy to figure out what
it does even if you (like me) don't know the language.

Of course, you're out of luck if you have only ever used J, by some crazy
coincidence.

------
DJN
I normally generate a JPEG representation of my email address and use that
instead of the textual obfuscations.

So far it has worked well.

------
mfukar
It's really trivial to code for it, so I'd guess it never fooled anybody with
half a brain or the will to alter a simple regexp.

------
forensic
The ones who are dumb enough to fall for it are too dumb to bypass your spam
filter anyway.

------
genieyclo
Use scr.im.

------
joeycfan
I think they coded for that way back.

