In my latest Guardian column, “Keeping an email address secret won’t hide it from spambots,” I explain why I don’t bother to hide my email address from spambots and what I do instead to stay on top of spam:
I don’t really care how much spam gets eaten by my filters – all I care about is how much spam gets through; that is, how much spam I have to clear out by hand. If the server is culling 16,000 or 160,000 spams a day, it makes no difference to me. On the other hand, if the 100-300 spams I manually kill every day turned into 1,000-3,000, it would seriously undermine my productivity.
So I publish my email address, because I have yet to see any compelling evidence that hiding your email address or using silly techniques like spelling it out (doctorowATcraphoundDOTcom) is any proof against email harvesters. I can think of a way of detecting and converting such obfuscated email addresses, and if I can think of it, so can some spambot author, and she can write the code to do it.
I also have yet to see any compelling evidence that each additional publication of my email address accounts for any uptick in the amount of email that penetrates my filters. Surely after more than a decade, my email address is already in the databases of the world’s greatest and most prolific spammers. Re-adding it doesn’t make their spam any better at puncturing my defences.
Indeed, the main category of spam that makes it through the filter comes from PR people who have bought it as part of a list of journalists who they might pitch and who are hoping to get a product mentioned on Boing Boing. This is the hardest stuff to filter, since it comes from so many valid email addresses, each message containing unique body text that mentions me by name.
Keeping an email address secret won’t hide it from spambots