I wanted to move this conversation from
another thread, where it was off-topic. The backlog:
Also leaving your email address sitting on a forum like this...not so smart.
|
Yeah, us people writing e-mail address harvesting bots haven't figured out the ...
s/[\W\(\[\{\<]+at[\W\)\]\}\>]+/\@/gi |
... preprocessor thing yet...
And adding common domain suffixes - way over our heads... |
Not that inside, but if you have to post your email (which I dont) then you can least take simple steps to avoid some spam.
|
And now a question I'm replying to here:
Just a question how good is a java scrip encryption of an email address in protecting an email from bots? |
There are two kinds of e-mail address harvester bots: resource-efficient spidering scripts that don't bother parsing out the HTML much less the embedded scripts so that connection speed and not CPU is the performance bottleneck, and Web browser add-ons that are written in JavaScript and see the page exactly as the user does. When I was in the spamming business the latter were consider a luxury, because they required at least 50x more CPU power to run, but that's less significant today because computers and JS engines got a lot faster, and especially because of all the zombie machines out there running trojan Web browser toolbars that create invisible tabs / windows to execute their remotely controlled instructions and then "phone home" to upload the gathered data. As in-browser harvesters become more popular, the only truly safe way to post your e-mail address online would be in a way that can't be clicked or copy'n'pasted, like in a CAPTCHA image.
For a while my favorite spam control technique was to have my own e-mail server with a blacklist, which means all e-mail going to any technically-valid address @mydomain.com would get to me, unless I explicitly blocked it. Whenever posting an e-mail address, I used a unique username like ftl-forum@ or 2009-12-27@ - I even figured out a way to order business cards with card12345@ in the e-mail username (unique random number in each card). That way I'd know who leaked my e-mail address to the spammers and just block that one address. I'd also blacklist aliases like admin@ or webmaster@ because a lot of spammers just loop through all registered domains and target those addresses, but unfortunately the spammers eventually started including random aliases, and doing this via a white-list would be too much of a hassle.
E-mail really is a case of poorly-planned 20th century technology failing to scale up to the 21st century reality. Even with 90% spam filtering effectiveness the ones that get through typically outnumber your regular mail, and/or important messages occasionally get recognized as spam by mistake. That's why I hardly ever use e-mail anymore. Having the recipient's rather than the sender's server hold the message was pretty darn stupid, and like 90% of conversations people have are either completely public or involve more people than concatenating e-mail reply threads from multiple people makes convenient. I prefer to use a mesh of reliable forums instead.