Justin Hopkins writes:

Obfuscating the email addresses is just a part of 'defense in depth' - same as patching your computer, using a firewall, etc. Each layer, no matter how thin, still adds something.

That's true. Rich's argument is more subtle than a claim that obfuscation is worth nothing, though. It is that benefits to obfuscation are small, and the cost is significantly larger than the benefit. You have to address the issue of the cost (obfuscating the address obstructs legitimate third-party users) as well.

Note that the other strategies you mention -- patches, firewalls, etc -- do not impose costs on third parties, only on you.

Personally, I subscribe to Rich's argument. I do not obfuscate my own addresses, and I argue against it when I have input into policy for processes like archiving mailing list posts. But Mailman needs to serve people who have different cost/benefit tradeoffs than Rich and I do -- I agree with you and Bernd that Mailman should provide the facility (though I would advise against relying on it, and generally deprecate its use, myself).