Some people think email obfuscation is a good way to fight spam, that it's somehow more difficult for spammers to understand "account at domain dot com" or "account&64;domain.com" than "firstname.lastname@example.org". These people are wrong. They will often readily admit that they don’t think email obfuscation will stop all spam, but it still makes them feel like they’re doing something in the war on drugs terrorism spam. Here's what they're doing: in addition to making email more difficult for legitimate uses, they're actually making it easier for spammers.
Google returns 27 million results for "* at * dot com". That's 27 million email addresses waiting to be spammed. Google doesn’t allow you to search for the "@" sign, so that’s 27 million email addresses that wouldn’t be available on Google if they were not obfuscated. Email obfuscation not only doesn’t hurt spammers — it actually helps them. Where it doesn’t make it easier, it acts as a placebo, making people feel more comfortable and complacent living in a world of spam. Like everything else, if you don’t want your email address publicly-available, don’t put it on the public web. But if we want to be able to publish email addresses on the web, we can’t continue this half-hearted war on spam, hiding under our beds of obfuscation and hoping they won’t find us.