FredLawl's Blog

Email Obfuscation

| Comments

Today at work I got a task from a client regarding Email Obfuscation. Obviously we all come across scenarios where we need to better secure our sites for our clients. But what about emails? It is common for a random bot to eventually crawl to our sites and pull all <a href="mailto:someemail@somedomain.com">someemail@somedomain.com</a> tags from our code and then add the emails to some job queue to spam the f*** out of us.

Granted, it is important we prevent spam, but to what extent shall we do it? I was suggested the article Nine ways to obfuscate e-mail addresses compared (Pardon the article title, there’s only three options I see on the page, unless I missed something). The website offers three solutions that may solve our problem. The stats of the graph speak for themselves, but Google searches suggest many other solutions to the problem as well. Are all the methods 100% full-proof—-nope.

One could go crazy trying to find or figure out the absolute best way to obfuscate our emails. Many of the solutions will stop most bots; however, as technology improves, the more “smart” spam bots become. Why do people have to ruin everything for everyone else? I don’t know, and neither will any of us. The reality is, it doesn’t matter what we do.

Let us think for a moment. We can stop the vast majority of bots, but, we can’t stop all of them without destroying a users’ experience—and even then we’re not protected. The reality is, if a spammer really wanted to target your site, they can.

Comments