Lately the *#@#$#@ SPAMmers have been harvesting email addresses off of my website. I know it's the only place possible that they could have picked up the email addresses, because I have posted it absolutely no where else. This is extremely frustrating, to say the least.

I was considering some sort of development of a module ... if at all possible, or filter... What I'd like is to obfuscate ANY email addresses on the website somehow.

Some potential methods might be to create a simple redirect link, replacing the actual email address, to a page on the site that created an image, which contained a string the user had to input correctly, and once so done, would then be able to view the email address information. I know this creates a burden on the user, but it keeps bots from harvesting email addresses. This would be similar to registration requirements/methods used by many of the larger webmail (eg Yahoo, MSN) or other sites (eg Network Solutions for the use of the 'whois' feature).

Another thought was extendig that notion so that if a user is logged in, they don't have to go through those contortions. But anonymous users do.

And, extending that further, the site might actually simply refuse to give out any email addresses unless you have a valid user account. This obviously is good from the perspective that anonymous users can't harvest email accounts - period. However the downside is not being able to publish/post general informational email addresses for people to use (eg feedback, help requests for users that can't login, etc).

Extending even further, it'd be nice to allow registered members the ability to send email to other members. Obviously one gets into a security issue or concern, providing email addresses via a webpage that some users may not want their address revealed on. A possible solution is some sort of simple anonymizer feature - only allow the sender to send an email via web page form, which would then submit an email to the recipient. The senders address would then be revealed, and traditional email exchange could occur, if the recipient so chose.

Even better - as part of the users profile information - they could check a box which defines whether anonymous, registered users, or nobody could see their email address. If "anonymous" was selected, tie into the earlier thought above of using an image authentication before actually allowing anonymous viewers to view the email address.

Are there any other folks out there with similar concerns? What are your thoughs on this issue? Has anyone attempted to do anything relating to this? Am I the only one concerned with protecting the privacy of my users information and the privacy of my system email addresses?