Why “username at domain dot com” isn’t fooling the spammers

  • Sharebar

A long time ago, when the World Wide Web was in its infancy, all the web developers used a “mailto link” like username@domain.com for e-mail addresses on their websites. A reader could simply click on the link, and her favorite mail reader would pop up with the “To:” and possibly even the “Subject:” lines pre-filled. Those days were good. However, the spammers, or more accurately, the e-mail harvesters, quickly realized that they could pad their e-mail lists by grabbing all the mailto links on a page. A few web developers got clever and dropped the link, putting addresses into their pages as simple text. But, the harvesters weren’t fooled for long. They began to grab both the mailto links and anything with an @ sign in it. It didn’t matter if sometimes they got nonsense like “flowers@$20/dozen”. It cost them little to try the “address” and strip it from the list when the mail bounced.

So then some other web denizens started to write out the “at” and/or the “dot” to thwart the harvesters. The harvesters caught on again. Here are some of the many permutations that have been tried:

  • username@domain.com
  • username at domain.com
  • username at domain dot com
  • username (at) domain (dot) com (with and without spaces)
  • username [at] domain [dot] com (with and without spaces)
  • username_at_domain_dot_com
  • userSPAMname at domain dot com
  • userREMOVEMEname at domain dot com
  • user(SPAM)name at domain dot com
  • username+spam at domain dot com
  • any of the above replacing “at” with “AT” or “@” and/or replacing “dot” with “DOT” or “.”

I hate to be the bearer of bad news, but a good programmer could write a SINGLE LINE of code using what’s called a “regular expression” that would recognize ALL of those formats as potential e-mail addresses. Another line or two might be needed to strip the extraneous characters out of the latter examples, but that’s it.

If you are posting your e-mail address in a form that follows the below pattern (choose one item from each column), then the harvesters’ web scraping code can already find you. Don’t feel left out if you’ve got a longer address like username@machine.domain.com or username@domain.com.ca, they’ve got you, too, if you’re following a similar pattern.

username * @
* domain * .
* com
* = no, one, or any combination of non-alphanumeric character(s)

It’s true that if you do something unique to disguise your e-mail address, the harvesters won’t find you right away, but once people begin to copy your format, the harvesters will code your pattern into their web scraping routines. Trying to disguise your e-mail address by putting it in any generalizable form is somewhat akin to putting a lock on your luggage. It makes you feel like your property is safer, and it’ll keep the lowest level thief out, but in the end, it’s only a minor deterrent to someone who really wants what’s inside.


Share with others:
  • Facebook
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Diigo
  • Google Bookmarks
  • Technorati
  • Yahoo! Buzz
This entry was posted in Entering giveaways, Web browsing and tagged e-mail address, spammers. Bookmark the permalink.

7 Responses to Why “username at domain dot com” isn’t fooling the spammers

  1. Jessie says:

    I never realized it was so easy for them to track down the email addresses when they were spelled out like that. This post makes me sad cause I would always have to remind myself to spell the ‘at’ and all of it out and not put in the actual address. All that brain work, down the tube.

  2. penny says:

    I know, it makes me sad, too. I end up doing contortions like “username over at domain.com” to break the pattern, but it’s annoying. Someday I will give up altogether and just start typing out my e-mail address in plain sight and count on Gmail’s spam filter to take care of the rest.

  3. You won the Yoplait Prize Pack on my blog!! Email me your address so I can forward to Yoplait for shipping. Woo hoo!!! http://www.typicalsuburbanfamily.com/2011/03/07/yoplait-winner-finally/

  4. Heidi Kennedy says:

    Something I have seen done and have used it too myself if turning your email address into an image (just don’t name the image file something like “my email address”) Here is a site that will convert it into an image. http://chxo.com/labelgen/. More often than not I am like you Penny…I just put it all out there and hope for the best with gmail’s spam filters which are very good!

    Great blog idea BTW – Heidi from HCW

    • Penny says:

      The downside to using an image is that it forces a reader to type the whole address out if she wants to use it. I compromised on my Contact page, though I may decide to change it later. My username is an image because it’s simple to type, but the @slightlysquirrelly.com part is copy/pasteable so you don’t have to remember it’s two R’s and two L’s.

  5. Pingback: Surprise: There’s really no need to conceal your email address from spammers – Quartz | Right laptop mart

  6. Pingback: Is it safe to put your email online? Yes! | Jason's Blog

Leave a Reply

Your email address will not be published. Required fields are marked *