We have to differentiate between logged-in and anonymous users (which includes spam bots).
Logged-in users are assumed to have the right to read and easily use the email address via a single click (otherwise, one would not publish it in a wiki).
Regarding anonymous users things get more critical - those could be "normal" users, but also someone or something (like a spam bot) collecting email addresses to abuse them by sending unsolicited commercial email to them (this is a very general problem in the internet).
Logged-in users
They will get the following:
So they get a directly readable and clickable mailto: link.
Anonymous users
Anonymous users (like spam bots and other bots) will only get the literal argument text as passed to the macro:
- Firstname DOT Lastname AT example DOT net
Pure text, no mailto: link. An intelligent human being will be able to interpret that and enter that email address manually into an email client.
But an automatic bot hopefully can't make anything out of that and will simply miss it (except if it is an especially bright bot, for that case see below) - and the macro has fulfilled its purpose, avoiding spam.