On 2/22/23 09:08, juan via agora-discussion wrote: > I think about it constantly. Aesthetically, I'd wish for the use of real > URIs. But I'd rather have the communitie's input. > > Here are a couple of references: > > https://security.stackexchange.com/q/45041 > > https://web.archive.org/web/20130625145339/http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/ > > (Sorry for the long URL)
Pretty skeptical of those results both in their contemporary context and in a modern one. The dataset was just 9 email addresses, all using a custom domain. Most modern email addresses (and subsequently an increasing % of the email addresses in our records) are on a handful of domains (primarily gmail, yahoo, and proton among our users). Not to mention how few TLDs there are in practice. Hard to imagine scrapers look for only "at ... dot" instead of narrowing it to "at ... dot [com, edu, co.uk]". And all that assumes the scrapers are just basic regex matches, and not something much more sophisticated. Then there's the flip side. As I stated, an increasing % of us are on major providers. Even among those of us with custom domains, I imagine most are still using a provider and not running the server themselves. These major providers generally conquer spam pretty successfully. So is protecting against spam even really a concern? -- nix Herald
