Re: Modern best practice for putting a contact email on the web
On Mon, Apr 05, 2021 at 04:14:52PM -0400, Celejar wrote:
> On Mon, 5 Apr 2021 15:51:28 -0400
> Dan Ritter <dsr@randomstring.org> wrote:
>
> > Celejar wrote:
> > > On Mon, 5 Apr 2021 14:12:07 -0400
> > > Dan Ritter <dsr@randomstring.org> wrote:
> > >
> > > > Celejar wrote:
> > > > > Hi,
> > > > >
> > > > > What's the recommended modern best practice for putting a contact email
> > > > > address on the web while avoiding having it scraped by spam / fraud
> > > > > bots?
> > > >
> > > > Assume that every address will be hit by spammers and scammers.
> > > > Put in appropriate antispam and antimalware precautions.
> > >
> > > Okay, but why isn't trying to limit spammers getting hold of an address
> > > a logical part of a defense in depth strategy?
> >
> > Because it doesn't work. If it worked as well as, say, moving
> > your SSH port*, I would encourage it. It does not.
>
> Source? Is this your personal experience, or do you have some other
> basis for this? Cloudflare, for example, asserts that:
And what is their "source"? Judging by current spam pattern on the email
server I administer, cloudflare (and sendgrid, google, MS) are a big
contributer to spam by sneaking mail by dnsbl filter. They are rather a
big part of the problem than part of an solution.
>
> "Cloudflare Email Address Obfuscation helps in spam prevention by
> hiding email addresses appearing in your pages from email harvesters
> and other bots, while remaining visible to your site visitors."
<cynical>Sure, bud!</cynical>
>
> https://support.cloudflare.com/hc/en-us/articles/200170016-What-is-Email-Address-Obfuscation-
>
-H
--
Henning Follmann | hfollmann@itcfollmann.com
Reply to: