There’s really no need to conceal your email address from spammers


The suggestion to mask or obscure email addresses to avoid spam has been around for more than a decade. References to replacing the @ with (at) or .com with (dot) com to reduce spam can be found on online message boards and archives dating back to the 1990s.

But there are two realities here.

Do you agree? Do you still bother to conceal your email address in this way?

  • rb763

    Unless I read it wrong the article is about posting your email address on Twitter posts. What about putting your address on your web site?

    • You didn’t read it wrong but his logic still stands.

      He says, “that parsing out an email address from one of the many obscuring formulations is just as easy for software as it is for humans. You think a computer can’t be programmed to realize what “[at] gmail [dot] com” means?”

      • rb763

        I suppose, but you could probably make it harder for them. For example, using a script that turns the email address into ascii code.

        Having said that, I just checked my website and I see my contact info is right in the open (I thought I had it coded) and I haven’t gotten a lot of spam.

        But I recently submitted a product inquiry to a company and within a day or two the email address I used was getting hundreds of spam messages. There was a falling out in that company and one of the founders was turfed…

        For that address, a combination of spamassassin and spamsieve saved the day although either one would have been good on its own.

    • The same argument applies. Preventing your address from falling into the hands of spammers is a fools errand.

      You cannot prevent spammers from sending you spam. What you can prevent is spam arriving in your inbox.

  • I haven’t bothered to obfuscate my email address for years. I don’t think I get any more spam than anyone else – in fact, judging by the complaints of my friends, I think I get a lot less.

  • Jos

    I’ve had the same domain since 2001, I know it matters to not post your email address. But seeing as the examples given really do date back to the 90’s they’re pointless because scrapers can easily recognize them. Use a contact form on your website, that way people can reach you and the scrapers can’t see your address.

  • JDSoCal

    First of all, he posted on dynamic comment pages. Try posting your e-mail on the index page of a domain name. I managed to get spidered by the spambots that way pretty damn fast. Then I started embedding it using HTML special characters and never had a problem. I really doubt enough people use special characters for their e-mail for the spambot developers to bother coding for it.

    The most fool-proof way is to just use a JavaScript-based mail form.

  • nicwise

    My address (a couple of them) are unobfuscated on my website. It’s not high traffic, but I’ve had the address for 12+ years, and I’ve never really hidden it.

    I get around 10 spam a day in my account – zero in my inbox. I’m using Google Apps.

    Spam is not a problem I’ve had for a long, long time.

  • Dave

    I just checked my Google Apps spam folder. 30497 messages (0.55 gig) over the past 30 days. Most of them appear to be going to random characters @ my domain, a bunch to info@, hr@, personal@, and some to dave@ (my actual address). This is likely higher than average since I have a few domains, and there is a catchall that redirects the mail to me. Probably a good idea to kill the catchall now. Personally I still obfuscate all emails addresses online, usually with JavaScript vs (at)(dot) which is agreeably pretty pointless.

  • I stopped caring when I moved to using Google Apps /GMail. There spam detection is bar none.