Is there a way to publish a secure RSS feed that is not indexed by search engines?

Yep.. Add it to your robots.txt file (if you have one).

http://dogberrypatch.com/archives/wordpress-rss-and-robotstxt/

That is for wordpress but the same principle should work anywhere.

@johnpowell That wouldn’t work in this case. robots.txt is just a convention by the major search engines, however, spambots that scrape email addresses off the internet won’t pay attention to that.

The best way to go would be to modify the RSS feed to (automatically) filter out all email addresses. Otherwise, the only way to prevent it is to force your readers to authenticate themselves (as RSS is a pull mechanism, as opposed to email, which is a push mechanism so you know who you’re sending it to), which is possible but terribly annoying and not worth the trouble for your users.

Thank you for the suggestions. I should probably clarify that we are looking at alternate ways to publish a newsletter to subscribers other than email. The newsletter is published daily and in the newsletter are email addresses from people who post, much like one might find with a digest version of an email discussion list. So what we’re looking for a way to do is to be able to get it to subscribers via RSS, and still have the subscribers be able to use the email addresses in it, but prevent them from being picket up by search engines and indexed or hit by bots.

I believe the solution we may be looking for is an interim step which would be some type of obfuscation of the email addresses prior to publishing; however I don’t know enough about RSS to know what would or would not work.

Hmm, obfuscation would indeed be difficult in RSS. What you could do is provide each subscriber with a personalized link that he can only retrieve if he/she is logged in or that is sent to this person by email. Of course, as soon as this user posts this link somewhere on the internet the email addresses are exposed, but I think it’s safe to assume that won’t happen. It would also be less efficient than it could be, seeing as e.g. Google can’t cache the feed once for all users of Google Reader because they all have a different URL.

Also, you would really have to double-check whether Google publicly indexes RSS feeds its users subscribe to, but I really don’t expect them to do that.