HACKER Q&A
📣 mavsman

Do you post your email address publicly?


If you do, specifically on a personal website, how do you protect yourself from getting spammed all the time? Do you have another secret email address or special email filters you use?


  👤 avian Accepted Answer ✓
Yes. Years ago I realized that hiding simply doesn't work and now I just assume that any existing email address is known to the spammers. I also assume people's address books get scraped by malware, since I've seen email addresses get spammed that were never published anywhere on the web.

👤 patio11
Yes. For years I used a trivial brainpower challenge to prevent automated scrapers from getting it ("My first name @kalzumeus.com"), but I added the actual string last year and have no perceptible increase in spam as a result net of Google Apps filtering.

👤 muppetman
Spam filters have rendered the "Don't post your email in public" advice to a relic from 10 years ago.

👤 bitmedley
Encoding your email address to hexadecimal may prevent some less sophisticated crawlers from capturing your email address.

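`mailto:` -> `&#x6d;&#x61;&#x69;&#x6c;&#x74;&#x6f;&#x3a;`

`abc@gmail.com` -> `&#x61;&#x62;&#x63;&#x40;&#x67;&#x6d;&#x61;&#x69;&#x6c;&#x2e;&#x63;&#x6f;&#x6d;`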

Then instead of:

abc@gmail.com

Use this:

abc@gmail.com

Or this ("mailto:" also encoded):

abc@gmail.com

source: http://www.wbwip.com/wbw/emailencoder.html
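
An added example, not part of the post above: it builds the encoded link described there, assuming the encoding is HTML hexadecimal character references (`&#x..;`), and checks what the encoding hides. A pattern match over the raw page source finds nothing, while anything that decodes entities first, as every browser does, still recovers the address. The function names and the simplified address pattern are illustrative.

```python
import html
import re


def hex_entities(text: str) -> str:
    """Encode every character as an HTML hexadecimal character reference."""
    return "".join(f"&#x{ord(ch):x};" for ch in text)


def mailto_link(address: str, encode_scheme: bool = False) -> str:
    """Build an anchor whose href and link text are entity-encoded.

    With encode_scheme=True the "mailto:" prefix is encoded as well.
    """
    scheme = hex_entities("mailto:") if encode_scheme else "mailto:"
    encoded = hex_entities(address)
    return f'<a href="{scheme}{encoded}">{encoded}</a>'


# Deliberately simple address pattern, enough for this demonstration.
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def addresses_in_raw_markup(markup: str) -> list[str]:
    """What a plain pattern match over the undecoded page source sees."""
    return ADDRESS_RE.findall(markup)


def addresses_after_decoding(markup: str) -> list[str]:
    """What a consumer that decodes entities first (as browsers do) sees."""
    return sorted(set(ADDRESS_RE.findall(html.unescape(markup))))


if __name__ == "__main__":
    link = mailto_link("abc@gmail.com", encode_scheme=True)
    print(link)
    print("raw source match:", addresses_in_raw_markup(link))
    print("after decoding:  ", addresses_after_decoding(link))
```
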


👤 danShumway
Yes.

My strategy is to have multiple, disassociated email addresses for each service, not to keep a single address secret. There are a couple of steps to this.

A) I don't use Gmail. People bring up the + strategy to have multiple emails through Gmail; I don't think that works. I think most spammers will be smart enough to remove the plus, and some sites outright ban it from being part of your address. Treat your Gmail address like you only have one.

B) I do own my own domain(s) and can receive official email there. I use this when I don't care about making my identity known (ie, on a resume, or a publicly facing website, but do want to be able to filter email). The prefix (prefix@domain.com) is the part of my address that matters, and I don't use wildcard prefixes. This means I can generate unique prefixes that I know only some people have access to, which means more public prefixes can get auto-sorted to lower-priority folders (or disabled entirely in the case of a targeted attack) so it's harder for people to spam me.

C) I also make heavy, heavy use of Fastmail's aliases for 3rd-party services. I don't use my own domain(s) to sign up for 3rd-party services, because my domain is a unique identifier that ties all of those accounts together. Fastmail is a shared domain, and lets you generate completely unique addresses, so I can sign up for a Walmart account and give them something like `ilovecats@fastmail.com`. There's no way (I know of) for them to tie that back to another account, so if I start getting spam at that address, I know 100% for sure where it originated from. Every 3rd-party service gets a completely unique email address that can't be associated with my other addresses.

The setup is still evolving, I used to just use Gmail, and I'm still migrating some accounts from Gmail. But I've seen a lot of benefits so far, and I expect to see more benefits as I flesh everything out more.

At the risk of straying into shill territory, I really like Fastmail, a lot. For $5 a month I get really good integration with custom domains, all of the aliases I mentioned above, proper IMAP support, a web interface that is pleasant to use, and my data isn't being mined for advertisers or AI.

Yes, they have the whole Australia problem, but my threat model for email doesn't include the Australian government. I use end-to-end encrypted messaging for that.


👤 LinuxBender
Yes. I have dozens of domains that I use for email. I create throw-away addresses per-site, per-use-case. If one of them starts getting abused, I either remove the alias, or set up filters to only allow specific content to that address. One of them is in my profile here.

As a bonus side effect, I can tell when a business or organization has either been "pwned" or has otherwise sold my email address to other entities.

Some domains I point to fastmail so that family members have an alternate to gmail. The remaining just point to my VM that runs postfix and drops all the email into virtual mailboxes and I read them from the shell. This has worked great for decades.


👤 kbouck
Although not a direct answer to the question, with gmail you can add a unique identifying suffix/tag after a + in the name part of your email:

eg: first.last+walgreens@gmail.com

And emails to that address still wind up in your inbox.

This can help to identify which source ultimately divulged your email to a spammer (intentionally or otherwise).

While it would be trivial for spammers to strip this tag off, I've found numerous instances of spam eventually being sent to the unique email I only ever used at eg. the sporting goods store.


👤 mod50ack
My main personal email (permanent address, essentially), I've got on my website with a minimal brainpower test (essentially "[myname] @ [this domain]") --- but I might get rid of that. My email is in its bare form on a number of READMEs of things that I maintain. I've never had an issue with spam because of it. I use Google Apps for hosting my domain's email.

👤 s9w
I have mine in clear text on HN as well as on my personal site. And honestly I barely get any spam at all. Maybe once a month or so. I don't know where people get so much spam from.

👤 shivekkhurana
I have a separate public email address that forwards to my main Gmail.

It lets me know that the sender has scraped me from the public directory and I prioritize those messages accordingly.


👤 jvagner
I have a private email for close friends and family (note, I have no FB account). I had layers of obfuscation on this over the years, which I’ve since walked away from.

I run a few businesses, and have work email at each. These usually cycle/evolve periodically over time.

And I have a public Gmail account. Few filters, most everything I sign up for goes there. Lots of G logins.

I’m not on a lot of chat apps, but I use Slack for a few things. No telegram, no WhatsApp, nothing else like that.

I was reviewing this recently and I’m pretty happy with it. The funnels for work/business are effective enough to compartmentalize them. On my iPhone and iPad I have a subset of some but not all of those email addresses. On my desktop I use Outlook to consolidate every last email account and Mailplane to cover my most important and active email accounts.

Truth is, few humans email me. It’s all business accounts, SaaS notifications, etc.

Email isn’t really a daily high priority for me. And most of the important emails are expected... the result of a conversation or initiation. When I know an important email is coming, my attention to email elevates a bit. Otherwise, email is only a medium priority for me anymore. I clear them weekly, but probably pay attention to them 3x every two days.

Edit: the big burden of emails is calendar coverage and invites. For that, my iOS devices are most important. I care more about what lands on my calendar (Zoom conferences) than most other things (save, contracts I need to sign or payments I have to take care of). I also tell everyone to call me anytime. I hate juggling calendar invites for a ten minute phone call. That said, I do encourage people not to leave voice mail. This is where things get a little more... intentional/picky.


👤 m_b
Using some console tools like echo and sed: https://mathilde.website

👤 theobeers
If you use Cloudflare, they’ll obfuscate email addresses for you (i.e., from scrapers), while maintaining clickability.

https://support.cloudflare.com/hc/en-us/articles/200170016-W...


👤 tambre
I do. I think it's essential if you've a website/blog or occasionally someone wants to contact you personally regarding one of your comments. I find it extremely frustrating to read a blog post, notice an error or a technical configuration issue with their website and then not be able to let the author know. Please make yourself reachable.

I run my own email server and don't do any spam filtering, so I definitely receive more spam than others (0–2 per day), but Thunderbird always puts them into my spam folder.

I hope to eventually add a spam filter in Postfix to deny at the SMTP level. However, configuring DMARC verification and requiring proper RDNS already cut the spam to a third.

I also recently switched to the hexadecimal encoding explained by u/bitmedley on my website. There's been no perceptible change in spam from that.


👤 vithalreddy
Yes, I do post my email publicly everywhere. Spam is handled mostly by Google spam filters and sometimes manually.

👤 jeroenhd
Right now, I have listed an email on my website above a contact form. To hide the email from scrapers, I just concat different parts of it in javascript on page load and insert it into the html.

I didn't expect that to work but a few years in I've barely seen any spam on the listed email address. All spam I've received on my website has been done through the contact form so it appears bot farms would rather solve Google captcha than try to use my email address.

This probably isn't enough for everyone but it might serve as a reminder not to overthink this. The only downside is that users without javascript can't get my email address but as I don't expect many people to visit my personal website that's not an issue to me.


👤 zAy0LfpBZLC8mAC
I think the problem is the "your email address" part. No, I don't post "my email address", but I do post one of my email addresses.

But really, the primary spam problem is not with spammers crawling the web, the primary spam problem is with companies that think because you bought something from them you are keen on them getting on your nerves. So, the real anti-spam measure is giving each and every company their own email address, and just disabling any addresses that start getting spam, and those also are exempted from the spam filter, so you don't ever get false positives on those.


👤 alfiedotwtf
I use my "normal" email address to post to a very small number of mailing lists. Even though they're all publicly accessible lists, I get in total about 5 spam emails a day - this is with zero spam filtering (not even SpamAssassin) on my own Postfix instance.

For the past ~6 years, every time I sign up to a new web service (or even in person paper signup), I generate a new 64 hex email prefix. This allows me to know who either a) sold my address or b) got their database hacked. So far, the only website I know of who either got hacked or sold my address was:

    coinmama.com
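
An added example, not part of any post in this thread: a small registry for the one-address-per-service approach several commenters describe (a 64-hex-character local part as in the post above, no wildcard delivery, addresses disabled once abused). It classifies a delivered message by whether the sender's domain matches the service the address was issued to. The class name, verdict strings and the `example.org` domain are assumptions for illustration.

```python
import secrets
from email.utils import parseaddr


class AliasBook:
    """Registry of per-service addresses on a domain with no wildcard delivery."""

    def __init__(self, domain="example.org"):  # placeholder domain (assumption)
        self.domain = domain
        self.aliases = {}  # address -> {"service", "senders", "active"}

    def issue(self, service, sender_domains):
        """Create a unique address for one service: 64 hex chars of local part."""
        address = f"{secrets.token_hex(32)}@{self.domain}"
        self.aliases[address] = {
            "service": service,
            "senders": {d.lower() for d in sender_domains},
            "active": True,
        }
        return address

    def disable(self, address):
        """Retire an address that has started receiving spam."""
        self.aliases[address.lower()]["active"] = False

    def classify(self, recipient, from_header):
        """Return (verdict, service) for one delivered message."""
        entry = self.aliases.get(recipient.strip().lower())
        if entry is None:
            return ("unknown-address", None)  # never issued: reject or drop
        if not entry["active"]:
            return ("disabled", entry["service"])
        # From: is forgeable, so "expected" is a hint for sorting only. A
        # mismatch is the useful signal: someone else holds this address.
        sender = parseaddr(from_header)[1].lower()
        domain = sender.rpartition("@")[2]
        for allowed in entry["senders"]:
            if domain == allowed or domain.endswith("." + allowed):
                return ("expected", entry["service"])
        return ("leaked-or-sold", entry["service"])
```

Because each address was given to exactly one party, a `leaked-or-sold` verdict names the service whose copy of the address escaped, whether through a breach or a sale.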

👤 JohnFen
I have numerous email addresses, a couple of which are specifically intended for use if I have to provide an email address that will be publicly viewable. I look at the envelopes of the mail arriving at those addresses, and if one looks not spammy, I'll actually open it. Otherwise, I just let that mail time out (my mailserver deletes them automatically after 3 days).

I never list email addresses I use for real in a public forum, and almost never use them when registering on sites, etc.


👤 333c
My email address is posted publicly on my website. It isn't an alias or anything, though my domain uses a wildcard to send every message to every address to my inbox, so I have infinite aliases available to me should I want them.

Surprisingly, I don't believe I've received a single spam message that made it past my spam filter, despite my address being public. However, I think this can largely be explained by the fact that my site receives basically zero traffic.


👤 aliceryhl
Yep! I have it on my personal site in plain text and I don't seem to be receiving large amounts of spam. I just looked in my spam folder and the last five spam mails I got were:

1. 25th oct

2. 22nd oct

3. 21st oct

4. 19th oct

5. 18th oct

so I get less than one per day.


👤 alkonaut
I use gmail (too late to change even though I have personal domains). I register it everywhere and it’s probably searchable in many places. I think gmail does a good job with spam, I don’t get more than 1 spam in my inbox or one non-spam mail misidentified as spam in a year. So I’m completely happy and feel it’s a solved problem. This could change in the future of course, but I have had zero problems in the past decade.

👤 wortelefant
I publish my email and phone number on my website. Spam is filtered and my phone is in flight mode whenever I'm busy.

It is similar to still keeping a Facebook account, the upside of being found by the right people is bigger than the privacy risk I perceive. I might regret this later though, if the future becomes as dystopian as expected by some people here.


👤 chrisseaton
Spam just doesn’t seem to be much of a problem these days. My emails are in plain text everywhere and I very rarely get any spam.

👤 mindcrime
Yep: prhodes@fogbeam.com

I use GMail, and basically just rely on their spam filtering. It's not perfect, but it's "good enough".


👤 dmd
Yes; I've been using the same address (dmd@3e.org) for 23 years now. I get ~100 spam/day, and GMail manages to catch every single one. I do a 30 second scan through for false positives once a day - typically there's 1 or 2 a week, and they're never something actually important.

👤 robjan
My personal email address is publicly available. Fastmail filters about 99% of the spam and the rest is quickly silenced by reporting spam. I receive maybe one or two spams per week. Sadly there are a few false positives but usually it's transactional emails that I don't care about.

👤 fanf2
I have used my email address dot@dotat.at for open source development and mailing list and Usenet discussions for 22 years. It helps make me more memorable.

A few messages each day get through the spam filters, but that’s negligible compared to the number of mailing list messages I delete unread.


👤 anthony_doan
Yes.

You can add filters to gmail.

I add a filter once a month or if the spam is getting out of hand.

It's not that bad. The political emails are the worst though, they spam you regardless of your unsubscribe option. The second worst for me is unsolicited job from job agencies.


👤 jay_kyburz
Yes. And I even have a catch all for my domain just go to my inbox. (*@ironhlelmet). It's managed by gmail.

The only spam I get is an occasional email telling me that my page rank could be improved if I pay some seo spammers.


👤 breadandcrumbel
Yes, and when I do it (I put it in a few of my profiles in text) I'm not getting spam.

I guess you can feel safe to do it, and in the worst case you will get a few emails you will mark as spam right away.


👤 tmilard
Yes I do. On my web site. It is a Gmail address, so there is no spam. As a small company I chose not to manage a personal Web address. And it works fine.

👤 jasonvorhe
Of course, for about 10 years or so. It's a means of communication. Why shouldn't I publish it? Spam is being handled by G-Suite/Gmail.

👤 omg4
I have this on my websites for years now: name@[THIS_Domain.com], where [THIS_Domain.com] is .

So far, ZERO spam.


👤 darkhorn
If you use only HTTP/2 and only TLS 1.3 then most spam crawlers won't reach your web site.

👤 csixty4
I've had mine public for years. The spam filters at Fastmail are good enough that it's not an issue.

👤 StanislavPetrov
What do you mean by "your email"? Does anyone really have only one email address? I've cut down to three in the last few years. It amazes me that, in the age of free addresses, everyone doesn't have at least one, separate personal email address for friends and family apart from their public and/or company email.

👤 dyingkneepad
I post it in a way that's obvious to humans but not to bots. Like:

Email: dyingkneepad # gmail * com


👤 avb333
I think having a separate email for business is better

👤 josteink
I’ve had mine publicly posted for decades.

The spam goes in the spam folder. Not sure what the big deal is?