Email obfuscation

Knowing that spammers often use web crawlers (or let search engines do the work for them) to find email addresses sitting on web sites to add to their spam lists, most people now understand that it is a good idea to obfuscate email addresses they post on web sites. Many major sites do the obfuscation automatically, converting the addresses to images, which are much harder to scan, or making them less address-like, i.e. myname (-at-) mydomain (-dot-) com, trusting that users can figure it out, but hoping that computers cannot.

Which is all well and good, until you start using the mailto link, which is a link that is meant to open someone’s email program and automatically address the message. A lot of people who “get” that obfuscation is good don’t also get that if you put the *actual* email address in the mailto link, the spammers will be able to get to it even easier than if it was in the text of the web page. After all, something that says <a href="mailto:myname@mydomain.com"> is quite the red flag. And yet, when I make my mailto links the same as the displayed email address (i.e. with the obfuscation), I get complaints from people who don’t understand why when they click the link and it opens their email program the address isn’t correct, and their messages get bounced. You would think intelligent people, with a bit of thought, could figure this out.

Meanwhile, we have the highly silly phenomenon of sites using email addresses that are obfuscated to the naked eye but perfectly well-formed in the code, in the mailto links, saving the spammer the trouble while leaving the same amount of confusion in place for the reader.