Stop it: “email AT domain DOT com” is making a spammer’s job easier
Its pretty well established that “email AT domain DOT com” offers only marginal protection from spammers getting your email address, but sometimes, it makes it even easier. Look at this google query for “at gmail dot com” restricted to LinkedIn.com
From a search like this I can harvest thousands of reliable emails off linkedin.com, or the general internet, using only the search engine context. In fact, I did, here’s 500 gmail addresses from LinkedIn with the last few letters removed.
Search engines don’t index special characters, so an email of the form “email@domain.com” is protected from this sort of discovery. The basic trouble is “email AT domain DOT com” is completely indexed by search engines, and its unique enough that whenever you see “at domain dot com”, you know its part of an email address.
If you really want to evade an email harvester, put up an image of your address, use some css/js obfuscation techniques, or encode your email in a simple statement like ‘my last name at gmail.com’
Personally, I already get enough spam, and gmail provides excellent enough spam filters, that I don’t mind spreading my real email address around anyway. Go ahead, send me a note at chris@varenhor.st if you wish!
How does this actually make it easier at all? Useless as obfuscation, yes; easier, no.
http://www.google.com/search?q=site%3Alinkedin.com+%22%40gmail.com%22&btnG=Search&aq=f&oq=&aqi=
a search for ‘@gmail.com’ is actually just a search for “gmail com” as google ignores @ and .
http://www.google.com/search?q=%22%40gmail.com%22
http://www.google.com/search?q=%22gmail%20com%22
It works in your example because the search is on linkedin.com !
Agreed! I’ve never seen a spike in spam from posting my gmail address on message boards, comments, etc.
-Kevin, kevin@ebaugh.org
Fascinating…
Disagree.
http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/
Good info! There are also a few other alternatives to images, that protect your address:
You can use a free disposable email when you give out your address, and use a disposable contact form on your site to prevent your address being picked up by spam bots.
They can’t spam your real address, if you never give it out!!!
I check this link for a contact form (note, i am a developer)
http://www.whyspam.me/forms/HQ
I’m signing you up for so much spam: chris@varenhor.st
Good observation. Btw, have you written the E-Mail extraction code yourself or was it a Perl module or something similar? Would you give us more details on it?
Thanks.
@chris
The official PHP site is another site where you would expect the admins to know better – all user generated content is presented along with a “name at domain dot tld” email address.
For that reason I created a free open-source solution that handles all your mailto obfuscation needs with a single line of PHP code that you paste into your document’s HEAD section. It does all the rest automagically. It’s called PrivateDaddy and you can read more about it at http://www.privatedaddy.com/. Hope you don’t mind the shameless plug
10x,
Andy
Just wrote it myself! It was an utter hack…but collected some emails.