For email, I've had some luck just modifying the page with JS that's either indirect or obfuscated enough that the address can't be pulled directly from it - e.g. "var email" is the address encrypted with a fixed key, the JS decrypts it and then alters the HTML.
It can obviously be bypassed by using a JS runner, but it seems to be enough of a hurdle that few spammers bother. "You don't have to outrun the bear", as it were.
Nice. It's a pretty low-traffic site, so something that doesn't require an external service but is still capable enough to defeat 90% of spammers sounds like a good compromise. I imagine drawing the email address to a canvas instead of a textual HTML element could be more effective, alas not accessible.
I have my email in plain text on every page of my site. I get about 1 spam per day that I see in my inbox on Gmail. I suppose Gmail filters even more silently. It's been working fine for over a decade. Is there some scale of site popularity where it becomes a problem?
It can obviously be bypassed by using a JS runner, but it seems to be enough of a hurdle that few spammers bother. "You don't have to outrun the bear", as it were.