On Mon, Apr 05, 2021 at 04:14:52PM -0400, Celejar wrote: > On Mon, 5 Apr 2021 15:51:28 -0400 > Dan Ritter <d...@randomstring.org> wrote: > > > Celejar wrote: > > > On Mon, 5 Apr 2021 14:12:07 -0400 > > > Dan Ritter <d...@randomstring.org> wrote: > > > > > > > Celejar wrote: > > > > > Hi, > > > > > > > > > > What's the recommended modern best practice for putting a contact > > > > > email > > > > > address on the web while avoiding having it scraped by spam / fraud > > > > > bots? > > > > > > > > Assume that every address will be hit by spammers and scammers. > > > > Put in appropriate antispam and antimalware precautions. > > > > > > Okay, but why isn't trying to limit spammers getting hold of an address > > > a logical part of a defense in depth strategy? > > > > Because it doesn't work. If it worked as well as, say, moving > > your SSH port*, I would encourage it. It does not. > > Source? Is this your personal experience, or do you have some other > basis for this? Cloudflare, for example, asserts that:
And what is their "source"? Judging by current spam pattern on the email server I administer, cloudflare (and sendgrid, google, MS) are a big contributer to spam by sneaking mail by dnsbl filter. They are rather a big part of the problem than part of an solution. > > "Cloudflare Email Address Obfuscation helps in spam prevention by > hiding email addresses appearing in your pages from email harvesters > and other bots, while remaining visible to your site visitors." <cynical>Sure, bud!</cynical> > > https://support.cloudflare.com/hc/en-us/articles/200170016-What-is-Email-Address-Obfuscation- > -H -- Henning Follmann | hfollm...@itcfollmann.com