Other then when it must be validated, I always write E-Mail addresses as user [at] host [dot] something. Which serves quite well when posting e-mail addresses in public view on the web.
Humans know how to deal with it (usually) and it takes a spambot smart enough to harvest it through a regular expression. Otherwise the program will only see regular text that doe not appear to be a
user@host.something or an anchor with a mailto: href.
__________________
My
Journal
Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.