There is an army of spiders out there.  Some, like GoogleBot, you want scanning your site to be listed in their search engine. Many however have a devious purpose–to collect email addresses to add to spam email lists. If your email address is already out there, then there is no pulling it back in. The only way to eliminate spam is to create a different address and inform all your contacts that you have changed email addresses.

Ways to combat email spam:

• A non-linked image
• HTML entity encoding
• Client-side obfuscation/abstraction (via JavaScript)
• Server-side redirect
• Contact form (no email address listed)

If your email address, is spelled out with any client viewable code, it is possible to obtain. Now that search engines can read PDF documents, including your email within a PDF as text may be suspect. I have not gone into great depth on any of them below but have provided a short description of each method with advantages and disadvantages listed.

A non-linked image

• Anyone viewing images can see your address, but has to visually remember and re-type this address
• Low chance of your email address being grabbed by a spam robot

This is how Facebook displays email addresses in one’s profile. It is inconvenient to the user, since he or she cannot click the email address in order to send an email. The spider may grab one’s email address if a spam robot uses image reading (Optical Character Recognition) though this is unlikely at this time.

HTML entity encoding

• Anyone with a typical browser will be able to contact you
• Medium to high chance of your email address being grabbed by a spam robot

This method encodes certain characters of the email address into Unicode.  For instance, “Bob” in Unicode is “Bob” Since computers create Unicode, it does not seem like a hard task to decode from Unicode. I do not recommend this solution.

Client-side obfuscation/abstraction (via JavaScript)

• Anyone with a typical browser will be able to contact you
• Low chance of your email address being grabbed by a spam robot

This anti-spam solution is not a cure all–but it is my favorite right now. Some spider bots do run JavaScript. The majority of the spider robots do not however. The method described here not only prevents your email address from being obvious simple text, but it also performs levels of obfuscation and abstraction that makes it useable for actual browsers to read and gracefully degrade for those without JavaScript running.

In a related form, if you create your JavaScript function or call of the function on the server-side (ASP, PHP, etc) then you can slightly change the function over a period of time.  The user will never notice, since the output being given is exactly the same. It is only the input (the simple text) into the JavaScript function that is being changed.

Server-side redirect

• Anyone with a typical browser will be able to contact you
• Medium to high chance of your email address being grabbed by a spam robot

There are several ways to do this. Most redirect to a script that provides the email address. The problem with this solution is that spam robots will follow the link and eventually grab the URL although the email address is not in plain text. It is being given out. This is an example of the server-side redirect method. A similar solution is MailHide from Captcha. I don’t recommend any use of Captcha except as a last resort, since I don’t enjoy using captchas myself.

Contact form (no email address listed)

• Anyone with a typical browser will be able to contact you, but will not know your email address
  
• Next to no chance of your email address being grabbed by a spam robot

This is guaranteed to save your email address from spam lists, since your email address is never used within your page. This solution could be annoying, since a potential vendor will have to use the contact form to hear more about your product. I’ve always thought this was impersonal. Although less of an issue for personal sites, a user often does not feel he or she is contacting the site owner.

In conclusion

The contact form is the only full-proof way, but right now, I prefer JavaScript obscuration. If my email address is captured, Gmail does a very good job (if sometimes, too aggressive) of ferreting out the email spam. If you’d like to have a small sense of justice, you can link your website to a multitude of email addresses that are all fake.

Photo: Lake Tawakoni State Park, Texas, August 15, 2007 (Donna Garde)

Anti-Spam Plugins

Math Comment Spam Protection

This plugin asks an additional question after a commentors name and email to prove that the commentor is human and not a comment spam bot. I currently have my websites set up to say “Enter numeral for the sum of two and nine. (e.g. 10).” There many other types of capcha’s but this is my favorite since, it doesn’t involve titlting your head sideways and reading backwards!

Simple Trackback Validation

This plugin scans any page that tries to add a trackback to your blog. If the link to your website does not exist, the trackback link is ignored. With modern blogs using pingbacks instead of trackbacks, you may want to disable trackbacks completely.

Category/Tag Plugins

Simple Tags

This plugin allows mass-editing of tags, and it can remove unused tags.

Batch Categories

With the advent of tags, many bloggers do not categorize their posts as strictly as they used to. This plugin allows mass-editing of categories. If you have many categories and need to move posts between categories, use this plugin.

Additional Content Plugins

Dagon Design Sitemap Generator

This plugin creates a sitemap for users (not a XML sitemap for search engines) that lists all posts and pages by category. You can use multiple pages, but I prefer only one page.

Popularity Contes

This plugin is great for listing the “most touched” posts. By “most touched,” I mean that views, RSS views, commenting and more statistics are used and weighted to decided which posts are most popular. It’s half science, half meta-science, since items on your home page will be viewed more than items that aren’t on your home page.

FeedList
You can create your own feed reader with the classes and code that come with WordPress (function wp_rss). This plug-in just makes it easier. I use FeedList to place my RSS feed from Twitter on all my sites and to place a list of the books I am now reading in the footer of my blogs.

WP Related Posts
This plugin lists posts that have the same tags as the current post. It suggests to readers other posts they might be interested in.

Sideblog WordPress Plugin
This plugin allows you highlight a post category to always be in the sidebar (for example, Tweets via Twitter Tools if you do not want to use Twitter Tool’s widget). This plug-in is used in the sidebar of RachelandStephen.

Twitter Tools
It took me a while to “get” Twitter. For me, Twitter is a subscription-based public chatroom. You pick who you want to interrupt your day. As someone who doesn’t post to his blogs that frequently, Twitter allows me to keep my website fresh with micro-blogging. This plug-in is used with SideBlog in the sidebar of RachelandStephen. I have a tutorial on how I prefer to use Twitter Tools in my sidebar.