Notes on good email obfuscation

I am happy to hand out my email address to all and sundry, and rely on good spam catching tools to keep the volume down. On the other hand, most people are not, and webmasters should feel some responsibility for others' addresses they post. I wanted to do it 'the right way' so, I coded up a Wordpress plugin to do the job, because rather oddly there did not seem to be any really top-notch ones which are sufficiently safe, and still work well for blind people (really the hardest group to build sites for, but we ought not begrudge them the effort).

The details of my research are up at the WP plugin page, so I will just note here some ongoing thoughts assuming you follow the method. Note that there are some changes from the original version of the method I am using (due to Van Gils, in a List Apart article). I made a few minor improvements to it, like encoding the dots and @ as letters so there is no hint that the link is not an ordinary text one. The implementation uses WP built-in bits too, avoiding .htaccess (so it works on IIS servers), but adding WP dependencies, including jQuery.

The big question for this method is what sort of text CAPTCHA to use at the end. I am not too happy with Van Gils' suggestion to just pose a simple addition problem. This is so widespread I am unconvinced bots will not work this one out soon. On the other hand, there are services like textCAPTCHA which produce a wide range of questions and answers for web services to tap into, but the questions always look a bit odd, and are never quite a 'polite' way of treating users.

The bigger question still is how to use technology to safeguard email as a way of increasing productivity. No-one is getting far on that one.