Email obfuscation decoder

It's pretty common to see obfuscated email adreses on the web: me@example.com becomes me[at]example[dot]com. But does it work? How hard is it for spambots to translate munged email addresses?

Really, really easy. It took me (a rank javascript novice) a few hours and ~50 lines of code to automatically decode the vast majority of text-based obfuscations. To try out your own obfuscation, type it in the live demo below.

For more on this, read my blog post on why you shouldn't obfuscate email addresses

deObfuscate = function(text) {
	// decode html entities
	text = text.replace(/&#\w{1,3};/g, decodeEntity);
	
	//remove tags 
	text = text.replace(/<[^>]+>/g, "");
		
	// find the "dot"
	text = text.replace(/\W*\.\W*|\W+dot\W+|\W+d0t\W+/gi, ".");
	text = text.replace(/([a-z0-9])DOT([a-z0-9])/g, "$1.$2");
	text = text.replace(/([A-Z0-9])dot([A-Z0-9])/g, "$1.$2");
	
	//find the "at"
	text = text.replace(/\W*@\W*|\W+at\W+/gi, "@");
	text = text.replace(/([a-z0-9])AT([a-z0-9])/g, "$1@$2");
	text = text.replace(/([A-Z0-9])at([A-Z0-9])/g, "$1@$2");	
	
	// get rid of obfuscating phrases; if the offending phrase includes the "at" or "dot," we 
	// have to put that back.
	text = text.replace(/[_\W]*n[_\W]*(o|0)[_\W]*(s|5)[_\W]*p[_\W]*a[_\W]*m[_\W]*/gi, function(match){
		if (match.indexOf(".") > -1) return ".";
		if (match.indexOf("@") > -1) return "@";
		return "";
	});
	
	//decode simple javascript fromCharCode obfuscations
	text = decodeJs(text);
	return text;
}

// this only works on really naive js obfuscations; tacks decoded emails on the end.
decodeJs = function(text) {
	decoded = "";
	if (! (m = text.match(/fromCharCode\((.+)\)/))) return text;
	points = m[1].split(",")  //only reads the first email; one could iterate to be more thorough
	for (i=0; i -1) ? parseInt(codePoint.slice(1), 16) : codePoint;
	return String.fromCharCode(decCodePoint);
}

writeEmails = function(cleanText) {
	var str = "";
	emails = cleanText.match(/\w+@\w+\.(com|org|biz|gov|edu)\b/ig);
	if (!emails) return false;
	
	for (i=0; i" + emails[i] + "");
	}
	$("#results ul").empty().append(str);
}

$(document).ready(function() {
	$("
    ").appendTo("#results"); // empty ul doesn't validate
	setInterval("writeEmails(deObfuscate($('textarea').val()))", 200)
	$("a.show-hide").click(function() {
		if (this.innerHTML == "(show the code)") { $("pre").slideDown(); this.innerHTML = "(hide the code)"; }
		else  { $("pre").slideUp(); this.innerHTML = "(show the code)"; }
	});
});

    Type your obfuscated email here:

    Decoded emails: