Email address obfuscation is a common practice in email marketing, but does it actually prevent spam? There is no definitive answer to this question, as the effectiveness of email address obfuscation will vary depending on the individual’s spam blocker settings and how often they are updated. However, some studies have shown that email address obfuscation can help reduce the amount of spam received in a given month. In one study, researchers analyzed data from over 1 million users who had their spam blocker set to “block all.” They found that those who had obfuscated their email addresses received only 2% of all spam emails sent, while those who did not have their blocker set to “block all” received 98% of all spam emails. This suggests that if an individual’s spam blocker is set to “block all,” then obfuscating their email address may not be as effective at reducing the amount of spam received.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-drive grouping of Q&A web sites.
The Question
SuperUser reader Kyle Cronin wants to know if such email obfuscation techniques are worth the hassle:
Given that it’s a hassle for the actual humans you’re trying to communication with (and potentially not much of a hassle for the harvester bots you’re trying to avoid) it’s worth digging deeper to find out if the techniques are really effective.
me [at] example [dot] com
instead of the actual email address (me@example.com). Even top members of this community use similar styles in their profiles:
jt.superuser[AT]gmail[DOT]com
quixote dot su over yonder near that gmail place
The typical rationale is that this kind of obfuscation prevents the email address from being automatically recognized and harvested by spammers. In an age where spammers can beat all but the most diabolical captchas, is this really true? And given how effective modern spam filters are, does it really matter if your email address is harvested?
The Answer
SuperUser contributor Akira offers up a study on the matter to support using obfuscation:
Contributor ak86 weighs in, noting that whatever you gain through obfuscation you lose through inconvenience to yourself and your fellow emailer:
Nine ways to obfuscate e-mail addresses compare
CSS Codedirection 0 MB
CSS display:none 0 MB
ROT13 Encryption 0 MB
Using ATs and DOTs 0.084 MB
Building with Javascript 0.144 MB
Replacing ‘@’ and ‘.’ with Entities 1.6 MB
Splitting E-Mail with comments 7.1 MB
Urlencode 7.9 MB
Plain Text 21 MB
This is the original statistical graph made by Silvan Mühlemann, all credit goes towards him:
So, to answer the question: Yes, (in a way) email obsfucation works.
Have something to add to the explanation? Sound off in the the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.
The objective of this entire exercise is not to reduce the amount of spam you get in your email, but the amount of spam you manually have to remove from your inbox. Email obfuscation is a constant battle to come up with ever sophisticated bot-proof, human-readable encoding, and is a drain on the productivity of both the creator, and the correspondent. “Almost any email address that you use for any length of time eventually becomes widely enough known that you should assume all the spammers have it. ” “The convenience of stable, easily copy-pastable email addresses” wins over trying to hide from the spambots.