26

This may be a silly question, but why do people in academia tend to write their emails as jhon(dot)doe(at)gmail(dot)com?

unor
  • 359
  • 2
  • 14
han-tyumi
  • 491
  • 1
  • 4
  • 9
  • 46
    I've seen this trend outside of academia too, mostly by technical people (e.g. programmers and software project maintainers). As I understand it, it's a rudimentary trick to defeat programs that look through webpages trying to find email addresses to spam. Don't know if that's the whole story, though. – chipbuster Oct 07 '15 at 05:22
  • 20
    Let's face it: if I want to farm mail addresses by crawling the web, I'll quickly hack up a regexp that defeats most feeble attempts at disguising them like the one you reference. The level of protection can be estimated to be nearly zero. I suspect that there are far more efficient ways to far (valid) email addresses nowadays. – Raphael Oct 07 '15 at 09:44
  • 2
    @Raphael It is sufficient to defeat e-bay. – user207421 Oct 07 '15 at 09:47
  • 24
    I'm voting to close this question as off-topic because it is not specific to academia. People outside academia do this as much as people inside academia. – gerrit Oct 07 '15 at 10:11
  • It's to prevent robots harvesting the addresses for spamming. Other things you may see - especially when the . and @ are left in - are addresses like [email protected] or [email protected], where you're supposed to remove obvious parts before using the address. – Baard Kopperud Oct 07 '15 at 11:52
  • 1
    I agree with @gerrit, this question has almost nothing to do specifically with academia. Moreover, I feel like there is a lot of misinformed (though, well intentioned) discussion here as a result. –  Oct 07 '15 at 12:15
  • 2
    Sure, you can write a filter to find the addresses anyway. But what do you think your response rate is going to be on a mailing list composed of people who have taken explicit steps to avoid spam? – Random832 Oct 07 '15 at 13:21
  • 2
    see also this thread on stackexchange that explains the technical details. some of the masking techniques are quite effective, @Raphael – henning Oct 07 '15 at 15:45
  • 2
    @Raphael Why would you, though? You can harvest a lot of addresses anyway, and doing extra work for the regex doesn't really gain you that much. – Superbest Oct 07 '15 at 20:13
  • @gerrit I agree with the off-topic, but I think it would be better to migrate it rather than close. Also, in Academia these days, an unobfuscated email address will probably be displayed anyway in the University's staff directory, so that's another point distancing the question from Academia per se. – Superbest Oct 07 '15 at 20:16
  • 5
    Given that there are two answers addressing why academics specifically tend to use this somewhat outdated method of email address obfuscation, I must conclude that this is specific to academic and am voting to reopen. – ff524 Oct 08 '15 at 03:25
  • Many of us still don't have spam filters as effective as gmail. Most of academia is still on homegrown/managed systems, which don't have the resources Google has. I run my own email server, and though I have pretty updated spam filtering, quite a bit still gets through. – beerbajay Oct 08 '15 at 07:01
  • 3
    Fun fact: if you paste the obfuscated address into Gmail's "to" field, it will automatically convert it to the proper address. – Davidmh Oct 08 '15 at 08:14
  • 1
    This question should migrate somewhere else. Superuser maybe. – algiogia Oct 08 '15 at 08:59
  • Completely unrelated to this exchange. – Herman Toothrot Oct 08 '15 at 09:33
  • 2
    I'm voting to close this question as off-topic because it is not specific to academia. It may be on-topic on [su]. – Wrzlprmft Oct 08 '15 at 13:26
  • The on-topic aspect of this is that most academics have an institute homepage over which they have very limited control (e.g. they don't have the option to use script-based email address hiding), but they are expected to make their email address accessible to humans. – Chris H Oct 08 '15 at 13:37
  • Just some personal experience to add to the various statements that this is now pointless. I have different email addresses from different stages in my career. One is on my webpage and all my papers, in a basic obfuscated form. A second was written briefly in plain text on one webpage before I caught that the wrong one had been put up for me (I prefer to keep my publicised one consistent on my research). Both accounts delivered to gmail, and so they went through the same spam filter. For at least a year I got significantly more spam arriving to the new-and-only-briefly-publicised address than – Jessica B Oct 08 '15 at 07:31
  • Here is an answer from the SE about Information Security. http://security.stackexchange.com/a/45044/72376 – duzzy Oct 08 '15 at 18:42

4 Answers4

77

To avoid email harvesting spam-bots. (As if someone can't write a Perl script to make the appropriate substitutions.)

Corvus
  • 18,086
  • 6
  • 63
  • 82
  • 53
    It's worth noting that this occurs only on webpages (never in papers or non-web CVs). It's a 90s-era web convention, rather than an academic convention. – Anonymous Mathematician Oct 07 '15 at 05:26
  • Is there any evidence that this is actually necessary? I have had my mail address in the open for years and I don't get any spam. – Raphael Oct 07 '15 at 06:58
  • 1
    @Raphael It's all a matter of whether you think you'll get spam, and even if you do, whether you care. People do end up spammed - online sites are good places to rip valid email addresses. –  Oct 07 '15 at 07:06
  • 8
    @Raphael That cannot be -- the average user gets (much) more spam than legit mails. What can be is that your email client or provider filters spam. But such filters are necessarily heuristic and cannot be perfect. There will always be false positives and false negatives. If you indeed get no spam it means that the filter is on the strict side, filtering a lot. Inevitably this must include false positives, i.e. legit mails which you never receive. You should at least regularly read a filter digest, something which many filters offer. They contain a one-liner per filtered-out mail. – Peter - Reinstate Monica Oct 07 '15 at 08:24
  • 3
    @Raphael I see only now that you are a PHD student in the CS area, so all I have written was known to you, possibly better than to me. What is your own best guess then why you don't receive spam? It's very uncommon. – Peter - Reinstate Monica Oct 07 '15 at 08:28
  • @Raphael When I worked in academia and my email address was on the institute's website, I got a lot of calls for papers from insignificant "journals". This can't be easily classified as spam and therefore defeated the filters. – toni Oct 07 '15 at 08:28
  • 9
    @Raphael See this. Over the course of 1.5 years, the "control" email received 1800 spam emails (~3.2 a day!), and it was simply written on a single webpage. The fact that you don't see the spam you receive is a testimony to the effectiveness of spam filters. –  Oct 07 '15 at 08:55
  • @PeterSchneider et al.: There is no spam filter outside of my client that I know of (headers don't indicate one, anyway); it may be that our datacenter silently filters (which they should not). Well, I do get occasional mails by Computeroxy, and the odd "journal". But nothing of the Viagra or penis enlargement kind. The only address I get such (in volume) is one I used over at wordpress.org. Other, which have been online for years, get virtually none. I don't think people need to crawl the web for addresses these days. – Raphael Oct 07 '15 at 09:43
  • @NajibIdrissi Thanks for the reference! That's old, though; I'd be interested in a contemporary experiment. – Raphael Oct 07 '15 at 09:48
  • 8
    @Raphael You most certainly have at least one and (if in an institution) probably several upstream spam nets catching and silently filtering your mail. And you are glad you do, even if you think you aren't - you can be certain of that. – J... Oct 07 '15 at 10:05
  • @Raphael is either trolling or his institution is using an email system has very strict email filtering. Microsoft's latest email products are particularly aggressive at filtering without apologies for false positives. –  Oct 07 '15 at 12:08
  • @AnonymousMathematician That's a particularly poor assumption. While it may be more common to scrape the DOM of web pages, building an email harvester to scan PDFs is perfectly possible and I'm sure the exist. They are probably just not as common so you haven't personally experienced spam from your PDFs. –  Oct 07 '15 at 12:11
  • @Corvus Obviously you can use things other than Perl. There are a lot of great web scraping technologies that are not in Perl. –  Oct 07 '15 at 12:12
  • 2
    While you can write a script, in practice few people do: People who mask their email are such a small fraction of all the emails that it's not worth it, and furthermore they're low value emails since such a spam-savvy person would also be hard to fool with typical spam (simple scams, worthless "products", phishing, Nigerian princes). Remember that spammers don't profit from sending you spam, they profit from you replying to it. – Superbest Oct 07 '15 at 20:11
  • 2
    Just because someone can counter with some effort, it still can make sense to do something that is practically zero effort on your side. It is like a padlock: any idiot can break it with a hammer, yet it is much better protection than keeping things totally open. – Greg Oct 07 '15 at 21:37
  • 2
    @TomDworzanski: I'm not saying you can't extract e-mail addresses from PDFs, just that in practice academics don't obfuscate them there. (I don't recall ever having seen a paper with an obfuscated e-mail address, while I frequently see them on web pages.) My point is that although the question asks why "people in academia tend to write their emails as ...", it's not a general academic convention that e-mail addresses are always written this way. Rather, it's specific to web pages (regardless of whether this specificity is actually justified). – Anonymous Mathematician Oct 07 '15 at 21:58
  • i tend to make an image out of the email to avoid that kind of thing in websites i make. – Marcio Oct 08 '15 at 10:11
30

As others have said, it's to prevent email address harvesting. So why academic users mainly, and why do they use this pathetically ineffective technique?

Academic users were among the first to actually use the web for any purpose. Universities were the first large-scale source of email addresses, and when the web became available, academic users were the first large-scale group to take advantage of it. When spam started to become an issue in the early to mid 1990s, address obfuscation was actually an effective way of preventing address harvesting -- at least, for a few months, or a year or two, before spammers were doing the obvious corrections.

Even after spammers were correcting obfuscations, the early web users often continued to obfuscate: They had already done it and didn't bother changing it back, or they figured it might help and wouldn't hurt, or maybe they copied a template from someone else and just followed it. Again, these early web pages were not really designed as such, they were just some student or early-stage professor hand-coding html. If new web pages are still obfuscating, they're presumably just copying their mentor, or their mentor's mentor, without really thinking much about it.

That's the same reason you see this sort of thing among the other early-adopter classes of web users, like tech folks. People who put out pages in the early 90s had a more or less legitimate reason for it, and the tradition has just hung around.

(I just looked at my web page, first hand-coded with HTML in 1995, to see if I did this, but I don't even see an email address on my page any more. I don't think I ever bothered to obfuscate even when I did include contact links.)

iayork
  • 13,406
  • 6
  • 41
  • 50
24

Academics have a vested interest in being very public facing at times - it's easier to be contacted by potential students, collaborators, the media, etc. if your email address is readily available. And there isn't an incentive to hide your particular identity behind a large-scale corporate account ([email protected] for example).

Putting your email address out in the world, in plain text, is a recipe for having it harvested by spam-bots. Examples like the one you give are an attempt to make the address (marginally) less machine readable while still making it perfectly human readable.

Fomite
  • 51,973
  • 5
  • 115
  • 229
-1

Because those people (in academia or elsewhere) didn't learn proper ways to protect their e-mail addresses from spam bots.

Edit: I'm not sure how can I expand this without repeating Peter Schneider's comment. It is naive to believe that email collecting script would not be able to do basic regex substitution which defeats the use of (dot) instead of .. People writing their e-mails this way just make them less readable for people, not for bots.

Dmitry Grigoryev
  • 5,440
  • 13
  • 36
  • 3
    Could you perhaps expand a bit? – jakebeal Oct 08 '15 at 14:27
  • 2
    Using recaptcha may not be an acceptable alternative. If you care about the privacy of your visitors, you do not want them to have to ping Google if they want to see your address. Also, if you care about their time, you do not want to require them to solve human intelligence tasks for Google to see your address. – a3nm Oct 08 '15 at 16:00