See this for background. I am declaring a little victory here. The simplest spam-armoring possible has proved to be the most effective:
echo $EMAIL | sed 's/@/ at /g;s/\./ dot /g'
As long as that method is not over-used--or used in a predictable manner--it should be safe for a while.