I saw an interesting link today that reminded me a lot of the XSS Calculator. I wonder why. No, really I actually don’t wonder why - it’s practically the same thing. Spam-me-not is designed to allow people to use the mailto: functionality as they would today but obfuscating the URL using a mix of HTML and HEX characters. Cool in concept, but pretty trivial to beat. The cost to modern day robots is next to none to do the sort of backwards conversions required to get the real text.
I think the value in this is fairly limited. Spam is sort of a way of life these days. Email is really taking a back seat to other forms of internet communcation like instant messaging and oversees you’re beginning to see a lot of voice over IP traffic. It just makes more sense. Email has been around for 15 or 20 years now, and the spammers are always ahead of the anti-spammers. That’s not entirely true though. I’ve got a few account that get thousands of spam emails a day, and I see none of it. It’s pretty remarkable actually.
This form of obfuscation that spam-me-not provides is probably effective at the lowest common denominator of spam bots. And as more people use this form of obfuscation, developers will spend the 10 seconds necessary to write the code to decode it (they don’t even have to write it from scratch since it’s already out there). All of this reminds me of the DMCA problem. If you release software that has to be decoded at some point there is nothing you can do to stop that decoded information from being logged elsewhere. It’s the nature of software. Oh well, maybe some people will find some use for spam-me-not - while the rest use email forms.