Need someone to lead product management at your software company? I build high-craft software and the teams that build it. I'm looking for my next opportunity. Check out my resume and get in touch.

Adam Kalsey

This is the blog of Adam Kalsey. Unusual depth and complexity. Rich, full body with a hint of nutty earthiness.

Security & Privacy

Where does spam come from?

14 Apr 2003

It is often suggested that if you are going to place your email address on a Web site, you should obscure it by encoding the address as HTML entiries, else your address gets harvested by spambots. It is just as often refuted by those who think about such things. After all, it stands to reason that spambots can easily learn to decode these entities and happily harvest your encoded address.

That all sounds good in theory, but what happens when the theory is tested?

The Center for Democracy & Technology spent six months conducting a controlled study to determine where spammers get email addresses from. Their report, “Why Am I Getting All This Spam?,” details their findings.

Among other things, the report found that encoded email addresses left on a honeypot Web site for six months were never harvested by spambots. Test addresses placed on the site and used nowhere else never received spam.

That’s not to say that spambots won’t eventually be taught to decode HTML entities, but for now it appears safe to use them in spam prevention.

This also shows that you must test your theories. Something that sounds perfectly sensible in your mind doesn’t always hold up to reality. It seems obvious that spambots would be taught to recognize encoded email addresses, but in the real world, they haven’t.

Recently Written

Should individual people have OKRs?
May 14: A good OKR describes and measures an outcome, but it can be challenging to create an outcome-focused OKR for an individual.
10 OKR traps and how to avoid them
May 8: I’ve helped lots of teams implement OKRs or fix a broken OKR process. Here are the 10 most common problems I see, and what to do instead.
AI is Smart, But Wisdom Requires Judgement
May 3: AI can process data at lightning speed, but wisdom comes from human judgment—picking the best imperfect option when facts alone don’t point the way.
Decoding Product Leadership Titles
Mar 18: Not all product leadership titles mean what they sound like. ‘Head of Product’ can mean anything from a senior PM to a true VP. Here’s how to tell the difference.
What branding can teach about culture
Jan 8: Culture is your company’s point of view in action—a framework guiding behavior, even in the unknown. You can’t copy it; it must reflect your unique perspective.
Think Systems, not Symptoms
Dec 15: Piecemeal process creation frustrates teams and slows work. Stop patching problems and start solving systems. Adopting a systems thinking approach helps you design processes that are efficient, aligned with goals, and truly add value.
Your Policies Aren’t Your Culture
Dec 13: Policies guide behavior, but culture is the lived norms and values of your team. Policies reflect culture -- they don’t define it. Netflix’s parental leave shift didn’t change its culture of freedom and responsibility. It clarified how to live it.
Lighten Your Process Burden
Dec 7: Everyone hates oppressive processes, but somehow we keep managing to create them.

Older...

What I'm Reading