Opinions will differ. The research was done 6-4.5 years ago. I would guess there are many old harvesters out there which only read a plain e-mail address, but it's certainly trivial to watch for the other common patterns as well. More imaginative methods using CSS or javascript are probably better, especially if the CSS or JS is in a different file, since the bot is unlikely to download that other file on the offchance and parse the code in the hope of finding something. That would be quite a lot of effort and would certainly slow things down, as heaps of useless parsing and processing of useless code would be necessary just to find the occasional address.
The more unusual or resource-intensive your method is, the less likely the spambot authors are to bother about it. Using a plain mailto: link is just asking for trouble though. I suspect although spelling out the words or using HTML entities is better, it's not that much better, as it's easy for a program to substitute strings. The more obscure methods probably work well for the reasons stated above.
Of course, there's no way to communicate any piece of information without making it understandable, and on that basis, any address you put on line could be read by someone and passed on. You can't publish something online and keep it secret at the same time. You can only take sensible precautions.
