sponsor: sevitzdotcom uses vzaar for all his video needs

As far as I can tell, syndication feeds (rss, rdf, atom) are going to be making spammers lives much easier. Why? Well all our email addresses are nicely sitting in a clear text XML tag which IMHO is about as good as putting a flashing neon light on it and sending party invites out. My email address is already quit polluted, and it probably wont make much difference, but I don't wont to make the spammers lives easier.

Each entry in your atom feed contains this

<author>
  <name>Adrian</name>
  <url>http://www.sevitz.com</url>
  <email>emailaddress@example.com</email>
</author>


while if you have an RSS feed it starts with

<channel>
  <title>s e v i t z d o t c o m</title>
  <link>http://www.sevitz.com/</link>
  <description>Not the worst site on the web.</description>
  <dc:language>en-us</dc:language>
  <dc:creator>emailaddress@example.com</dc:creator>


I know from experience that putting my email address as plain text or as a mailto: link on my site has helped result in the 200 or so spam emails I get a day. Although this was also compounded by me trying to sign of lists initially and putting my address on less than dodgy websites. I was a naive idiot then. Now I am just an idiot.

However with syndication feeds being so common now days, I don't think it would take much for a spammer to subscribe to feeds, parse them for the handy email tag (even easier because it's XML) and then add them to a database of pretty reliable addresses to spam. In fact with the standard Movable Type templates, I should think that their are thousands of sites out their with authentic addresses just waiting to be harvested. And you know the address is good as this is the address MT uses to send you mails when someone comments and the like.

I am only serving Atom and RSS, as I can't be bothered with the rest. I'll probably drop RSS at some point too. In my RSS template I have changed the code to just show my name, as follows

Before:
<dc:creator><MTEntries lastn="1"><$MTEntryAuthorEmail$></MTEntries></dc:creator>

After:
<dc:creator>Adrian Sevitz</dc:creator>


As for the Atom feed, I actually raised this issue with Mark when he published the Atom 0.3 Snapshot at the end of last year. I suggest that it would make more sense to have a link to a contact form or page instead (or as an alternative). Mark's replied saying that author/email is option and if I have a web contact form I should put it in author/url. This is all good and well but I want author/url to point to my base page, so I have just removed the line below entirely.

<MTIfNonEmpty tag="MTEntryAuthorEmail"><email><$MTEntryAuthorEmail encode_xml="1"$></email></MTIfNonEmpty>


Disclaimer
I sort of know what I am talking about here, but I am no expert. I could be completely messing up your feeds by these changes although I don't think I am. I do think that having this structure for feeds (automatically including your email address in a handy tag) are making it really easy for spammers to find. Since spammers are targeting blogs at the moment (comment spamming and the like) I don't think it will take long before they start harvesting email address from XML feeds, if they haven't started already. Especially as it is even easier to do than harvesting them off web pages XML being such an easy format to parse. I don't think disguising your email address in any form will make the slightest difference. Until email evolves so that spam is no longer possible, I'll be removing my email address from my pages. It's already polluted enough.