Hacker News new | past | comments | ask | show | jobs | submit login
Spamnesty – A Bot to waste spammers' time (mnesty.com)
738 points by dgellow on Dec 30, 2017 | hide | past | favorite | 157 comments

Great idea! Wasting spammers time is one of the very few ways of making them effectively lose money. Still the project needs some pseudo randomization in order to fool basic research. Some of the messages I read contained the sentence "I am a bit busy now, but I am definitely interested. When can we talk?". If one searches for that sentence in quotes Google returns four pages of references to Spamnesty. A slightly more clever spammer would sense the trap in minutes. I'm not aware of any program capable of add some entropy to a sentence maintaining its semantics and readability (save for insertion of random errors), but one could use a translator in different languages. Say English->German->Russian->Spanish->Polish->Danish->English, then send the resulting string as a reply. The above string for example becomes: "Now I'm a bit busy, but I'm definitely interested. When can we speak?" which (almost) fools the search. Almost because the 1st page still contains a couple references to Spamnesty due to the above sentences strong similarity, but they're well buried together with other completely unrelated stuff.

BTW, pairing this with a personal assistant stripped of any access to personal information/property/devices (such as an hypothetical open source cloudless one) and instructed to ask for details on every possible part of the offer, one could make the perfect weapon against phone telemarketers as well.

> A slightly more clever spammer would sense the trap in minutes.

Spammers are going to develop anti-spam filters :)

I guess spammers make most money from the lowest IQ percentiles on the internet. Therefore, we only have to develop AI that is as smart (stupid) as those people, and spammers won't be able to tell the difference.

Seem this is already a battle of bots (example; half way through this post https://spa.mnesty.com/conversations/btenqyem/) both parts are sending a random mess to each other.

there is no end to that argument, if a spammer is good enough to be able to foresee anti-spam software then they are likely beyond the target audience. BUT the average and by large general spam crew are not technical experts, most of them have bought some software to advertise to a large audience by mass email / crawl / filter, and are just looking at monetizing some product (or get your infos / CCs). By wasting time for the 95% of the spammers (ironically with techniques that are very similar to them) you can still weed out a big chunk of that sector and have a big impact.

For now they should simply "noindex" the message history. But your larger point is correct.

Great idea, added, thanks!

You could probably build a Tracery grammar that conveyed a certain set of semantic information with a large number of possible syntactic permutations.

Well done. It does get the spammers frustrated. I remember reading about a similar thing[1] where instead of emails it was automated telephone replies and the scammers were cussing at the bots and generally super confused.

It did also manage to flood their phone lines making their call center useless for a while.

[1] https://motherboard.vice.com/en_us/article/bj8wg4/we-talked-...

Some magnificent genius has created the perfect bot for hooking predatory telemarketers. "Lenny" is a slightly confused elderly man with poor hearing. He wanders off topic, he isn't sure what you just said and he is absolute catnip for crooks. If you haven't heard a call to Lenny, you're in for an absolute treat. This call from a tech support scammer lasts an exhausting 31 minutes:



The thing that makes me angry with some of those recordings is when the callers still think that they are talking to a dotty old fellow who they can con (they usually cotton on to the trick in the end). When to my ears Lenny sounds like someone with dementia who needs help and should not under any circumstances be sold to without a legal guardian present, what they seem to take from the situation is "great, I might make my who day's quota on this daft old coot". At that point "but it is my job" really doesn't cut it.

I think this is a crucial aspect of Lenny's design. If the bot was just an asshole, you might gain some sympathy for the telemarketers. Their torment at the hands of Lenny feels entirely fair, because it's obvious that he is not fit to be making financial decisions. The more unscrupulous the caller, the longer they stay on the phone with Lenny; it's an elegant self-regulating mechanism.

If they didn't try to get the sale, they'd probably get fired and swapped with someone who would.

The capitalist's Nuremberg defense?

The less supply there is of people willing to do it (at each given price I guess), the more the pay would have to be to hire people? So, I think, changing the population willingness to do it would change the profitability of it somewhat, perhaps slightly changing how much it gets done?

I'm not sure.

As I said, IMO "but it is my job" is not a morally defensible excuse.

Very well done. And the ducks -- hilarious! Now how do you scale and vary this enough, to prevent suspicion? That's the next step. Near the end (28 min), it felt like the caller was probing with "can you hear me" to collect Lenny's canned responses. Would it be better to hang up earlier to avoid suspicion?

"Lenny" is only 21 short recordings, stitched together into a crude sequence. It's a remarkably unsophisticated trick on a technical level. It wouldn't be difficult to produce dozens or hundreds of Lennies on quite a small budget. Tweak the script a bit, get someone on Fiverr to record it and you've got a new and unrecognisable Lenny MkII.

Maybe, rather than investing more into Lenny, create some more personas (voice, gender, etc) to add to the variety between calls? Maybe also have an option to hand a call over to the next persona in lengthy calls (so that the caller has to start all over again, in order to explain the issue to the "room mate", "brother", "cousin", etc)...

This is brilliant.

"Oh, yes ... Oh, so late ... so late, already ... Listen, you have been so friendly with me, but I really have to feed the ducklings. It's well ... beyond their hour ... May I hand you over to my wife, Gertrude? She is such a nice person and knows these things better than me ..."

> It wouldn't be difficult to produce dozens or hundreds of Lennies on quite a small budget.

I'm not sure. Even though it is, as you say, remarkably unsophisticated on a technical level, it is extremely accomplished on a artistic level.

When I first learned about Lenny, I listened to most of his conversations, and it's impressive to hear how often he actually seems to be answering questions or gets distracted in just the right way at just the right time.

The writing (and acting) is just about perfect. I don't know if this is because of sheer genius, or simply lightning in a bottle, but either way I doubt it could be simply reproduced hundreds of times.

Lenny being 'just' a bunch of unchanging messages in unchanging order made it all the funnier and more amazing to me (and it was completely brilliant before I realised).

I remember first seeing it a while ago, posted here, ironically (or perhaps naturally) in a thread about Spamnasty (also excellent).

Somehow, somewhere Lenny has gotten connected to Lenny, detecting mutual silences and muttering at each other for years.

I'd love to see it as an app with a blacklist for spam numbers or telemarketers. Use a better text generation engine like a modern deep learning based generative model, and deep voice or crowd-sourced recordings.

This sounds like something you could reasonably crowdfund, while delivering a really useful product.

The ducks/geese had me rolling! Love it!

i had a lenny bot running on my home phone line for a bit, i had an asterisk server with a whitelist ( i only get land calls from 2-3 numbers ) and recorded some hilarious calls, i even have a few from the church of scientology ( the prior owner of the number apparently was a member) and from bill collectors ( and she also owed a bunch of medical bills )

"Candid Camera" did this long ago. They'd simply prepared a tape, with generic responses in it with gaps of silence. Then the salesman would grow increasingly frustrated with it, which of course was the source of the hilarity.

This is great! Instead of trying to be smart, Lenny capitalizes on prejudices about elderlies and possible communication factors regarding non-native call center operatives. It's more social engineering than a conversational bot. – Well done.

On my list "todo" for 2018 -- ThisIsBenny.com -- website with bunch of buttons every one of them different phrase so when marketer is calling you, you can put on speakerphone and "lenny" them yourself :)

Jolly Rogers is keeping marketer calls busy in a loop. hilarious stuff https://news.ycombinator.com/item?id=15424031

This is quite easy to make into a phone app too, seeing how apps can intercept calls. Combine it with a phone number database like Whoscall, and one can get beautiful results.

An even more beautiful idea would be if you could let your phone provider run the bot. Just press the magic button and the spam caller gets transferred to the upside down in the phone company data center, and your phone line is freed again (like hanging up, from your point of view). If he gets mad and calls back, Lenny picks up the phone. I don't know how billing works between phone companies but maybe your phone company could even make a profit from keeping spammers bouncing around in virtual Lennyworld. Which would be a nice incentive to do R&D on improving and diversifying the bots.


Does it count as passing the Turing test, or the scammers don't count as experts?

Come to think of it, the scammers themselves would fail the Turing test.

I think the Turing Test is usually described as an examiner is freely conversing with two subjects. The examiner knows that one subject is human and the other is AI. They are supposed to determine which is human and which is AI. If they can't achieve higher than 50% accuracy then the AI is deemed to have passed the Turing test.

It would be a much easier version of the test if the AI only has to fool the examiner in a limited set of circumstances such as a scammer trying to qualify people as potential scam targets with a minimum of effort.

This is incredible. I want an automated Lenny feature for all telemarketers that call me.. I get around 5 a day, this would be amazing.

A technique described in this podcast[1] may lock up quite some time with these people.


OP here. Just to clarify, because I see a lot of congratulations. I just shared the project, I'm not the author.

Based on the GitLab project, the author seems to be @stavros:

- https://gitlab.com/stavros/Spamnesty

- https://twitter.com/stavros

- https://www.stavros.io/

Yep, that's me!

You may want to add a keyword check if the spammer starts sending you back bounces:


Good idea, added, thank you.

Nice idea, kudos! One curiosity though: I read a thread from the ones listed on the homepage and the signature of the Spamnesty emails said Mnesty LLC. If that's constant in every message the service sends out, wouldn't it be quite easy for the spammers to filter them out? Wouldn't you rather randomise sender details, including the signature?

Thanks! There's only one sending domain, so it would be incongruous to randomize the signature, unfortunately...

I just tried to forward a lot of spam messages, and got the response:

554 Recipients' domain disabled

Reporting-MTA: dns; googlemail.com Received-From-MTA: dns; ----------@gmail.com Arrival-Date: Sat, 30 Dec 2017 20:49:25 -0800 (PST) X-Original-Message-ID: <02D8BE6D-6DEF-4FC9-9AC5-6BC6E7A44EAE@gmail.com>

Final-Recipient: rfc822; sp@mnesty.com Action: failed Status: 5.0.0 Remote-MTA: dns; mxb.mailgun.org. (, the server for the domain mnesty.com.) Diagnostic-Code: smtp; 554 Recipients' domain disabled Last-Attempt-Date: Sat, 30 Dec 2017 20:49:27 -0800 (PST)

Tracked at https://gitlab.com/stavros/Spamnesty/issues/81:

> Unfortunately Mailgun has disabled the domain due to rate limits. All we can do is wait […] I think it's just the HN effect that got it to send too many messages at once.

Same here. Hopefully it gets fixed, I'd love to try this out.

That's a cute idea. But I wonder if the system is mis-matching messages and replies.[1] How did a spam for fake Ray-Ban sunglasses turn into someone wanting app development?

[1] https://spa.mnesty.com/conversations/cturvzsr/

I was curious about that too and checked, but couldn't find anything. It goes by the X-Reply-To (IIRC) header and they matched.

I'd bet that it is an IT company in India that had a compromised email server that sent spam. The mails look kinda legit, except for the first one.

From glancing over some conversations, it looks like the bot is mostly talking to other bots.

That said, I think it’s nice to be able to reflect the same attack vector upon the attackers to make the attack less efficient and hopefully less attractive.

Many of the replies seem like they involved at least some human effort, although it would be nice to be sure--I wonder if there's some way to introduce some spammer-appropriate text captcha into the exchanges?

I think that's mostly because conversations in the home page are sorted by frecency right now. That naturally favors bots, because they respond more immediately.

It is mostly - but there are some where its obvious the spammer gets frustrated: "I believe you must be a fool or an idiot to think am here to play games." - Spammer [1].

[1]: https://spa.mnesty.com/conversations/meqpscxa/

> That said, I think it’s nice to be able to reflect the same attack vector upon the attackers to make the attack less efficient and hopefully less attractive.

If it's just bots replying - which honestly doesn't actually seem to be the case - I don't think it's going to make a big dent in their efficiency. It might backfire, though, and just cause more garbage traffic.

Tried forwarding three emails, got this:

Message not delivered There was a problem delivering your message to sp@mnesty.com. See the technical details below, or try resending in a few minutes.

The response was: 554 Recipients' domain disabled

As someone else mentioned here, the only risk is that spammers will blacklist mnesty.com .

There should be some type of domain rotation (or you can test spoofing, just to see if spammers use the same anti-spoof software everyone else does), just like how spammers do so.

As an aside, kudos for using gitlab instead of github.

If and when that happens, someone can pick up a suite of cheap domain names. Thanks to the proliferation of generic TLDs, you can register a domain for less than a dollar per year through a legitimate registrar.

I love Gitlab, I put most of my projects there these days and mirror them on Github.

I once made something very similar, back then it was called an autobaiter by the scambaiting community. It would actually figure out what kind of scam the spammer was pulling and adjust its script in kind to pretend to play along with the scammers script.

I should dig that up again.

Spamnesty also has multiple scripts and you select the kind of spam to reply to. There's an MR open for doing this automatically, but it's pretty big and I've put off reviewing it for way too long.

That sounds interesting, please do !

So it would be hilarious if you connected the spam asking for manuscripts[1] to the fake manuscript generating code [2]. We would end up with bot published journals.

[1] https://spa.mnesty.com/conversations/cjubnfdx/

[2] https://pdos.csail.mit.edu/archive/scigen/

Oh God, I have to do this now.

I have been using this site for about a month on every piece of spam that tells me to write back. But, I have not gotten any responses. How are they even making money if they don't respond to clearly interested potential customers?

This website has been around for a while (it's the seventh time it's posted here) so it's possible spammers have blacklisted the domain by now.

Oh wow, seventh? I think it's the second time I see it. Didn't I only build it a few months ago?

EDIT: Oh huh, it's been more than a year: https://www.stavros.io/posts/spamnesty-waste-spammers-time/ How time flies.

‘Nigerian Prince’ Email Scammer Arrested in Louisiana - https://news.ycombinator.com/item?id=16035183


Hmm. Tried it and the email bounced back with:

“554 Recipients' domain disabled”

Unfortunately, Mailgun is throttling the domain due to large rates of mail. All we can do is wait the ban out, I'm afraid.

Looks like you need a new domain provider; this is a show stopper.

I would agree, but I make liberal use of the free limits so I can't complain much. I don't really want to spend too much money running Spamnesty.

Are you able to easily detect whether your account is currently blocked and add some warning to the front page? Would make it easier than just spamming sp@mnesty.com until the mails don't bounce anymore...

I don't think Mailgun expose that in any API, I'm afraid. Good idea, though, I'll see if there's something available.

Same... I think they need a service status page

Same here, in Gmail.

Same here, Office365.

Same here, also Gmail. Maybe it's overloaded right now?

I love the use of the subdomain and email sp@mnesty.com to hide the name from spammers. But won't human spammers eventually figure out what mnesty.com is and stop responding?

Sure, but the goal is to waste their time a bit, you can't fool them forever anyway.

True, but also being a bit more random where it's not trivial to filter the bot on the spammers side would make it just a little bit harder to ignore.

That's true. Unfortunately, it's not trivial to add more domains, as you'd need to own them all (to add DNS records for sending and receiving). I wanted to accept donations at some point, in the form of pointed DNS records, but realized that I couldn't do that without owning the domain, as if the domain lapsed or was transferred, Spamnesty wouldn't know and it would keep sending email from that domain, to no avail.

You could request people to home sub-domains or even register full domains for you and populate MX records etc. You simply have to test the domain records before sending. You could periodically generate a TXT record, say annually, that should be updated.

I already support several projects like this.

Out of curiosity, have you ever tried to track any stats about how often it reaches a spammer, whether it's interacting with the same spammer multiple times, etc?

While I think the donating of DNS records is an interesting idea, I personally wouldn't want to risk giving permission to an outside party for the domains I use, and I don't think it would be worthwhile to try and correctly maintain a domain just as a donation.

I don't have any stats, no. I assume most spammers are using random domains, so they wouldn't be very accurate anyway.

You could check if the MX records still point at your service, or, better yet, send a test e-mail to that domain every so often and see if it reaches your service.

Indeed, but it's added complexity and I'm not sure how many people would bother setting the DNS records I asked for. I might try it at some point, though.

This is HN, I’m sure there’s plenty of us who have spare unused domains that would do it.

I have one domain at hand that I don't use for mail at all, so people counter >= 1. I could set any MX/SPF records you want as long as I don't have to change them every two months or so... ;-)

I look forward to sending many emails your way!

Spam is a daily problem for me. I can't use auto-filters, because I live in Taiwan and most emails written in Chinese are flagged as spam. That includes important messages from my bank, colleagues, and landlord. Eventually I gave up using auto-filters, and I now manually delete ~50 spam every day.

Being able to do something useful with that will make my spam-sorting a little less mind-numbing.

Have you considered registering your own domain and giving out personalized emails to everyone? E.g. from_blahbank@mydomain.tld? That way, you could rotate most often leaked prefixes regularly without disturbing other recipients.

I use Mailnull extensively, but I still get a lot of spam directly to my Gmail address that I've had since 2005.

Even better if you can filter by domain is received emails

Blabank alias only gets email from their domains, anything else goes on the trash

This is the email version of when Telemarketers call me and ask to "speak with someone in the house between the ages for x-y" to which I say, "sure just a sec", then put the phone down on the desk and walk away.

At this point, I've basically stopped answering my cell if I don't recognize the number. If it's important, they'll leave me a voicemail (it never is.).

One other thing I did was ported my landline over to callcentric.com, where for $3.50/month or so, I can 'firewall' all calls coming to that number, making it safe to give out to anyone. Their call treatments allow me to, by specific number or patterns (800*), drop, send to voicemail, play the "number disconnected" tone, forward, etc. It's great - no more calls I don't want.

I use google voice call announce for anyone not in my contact list

Is that a GV setting? Is it available on iOS?

Yes absolutely. I use the iOS app but I configured the whole thing on my laptop using the website.

switch to "legacy google voice" and then go to settings: https://i.imgur.com/wbaV75e.png

You're lucky that your spam calls come from a human. All I get is bots calling to tell me I've won a free cruise.

I've found that if I don't recognize the number, I answer the phone and don't say anything. If no voice comes over the line within 5-10 seconds, I hang up.

I have heard of these automated systems wait for a sound before it logs you as reachable for further annoyances.

If I do answer, I stay silent even muting my phone. Usually call just hangs up.

I get the cruise every few months, from a spoofed local numbers. As soon as I say hello, the automated recording went off.

I had a friend who liked playing around, and drafted fake PayPal confirmations and western union statements as proof he sent the scammers money. They were confused why they didn't have his funds asking him to triple check recipient info and resend, which he would send another fake confirmation.

They would eventually catch on cussing him out after weeks

Isn't there a registry where you can opt to not be disturbed there? We have it here and I signed up, and calls eventually stopped. I also love terrorizing spam callers with "give me your name and company name, this call is illegal". They usually get flustered and hang up.

> Isn't there a registry where you can opt to not be disturbed there?

There is, and I signed up for it. When I did, I got an order of magnitude more calls. I eventually had to change my phone number.

> I also love terrorizing spam callers with "give me your name and company name, this call is illegal". They usually get flustered and hang up.

That doesn't work on bots.

I saw www.rescam.org on here a while ago, definitely worth a visit!

The first thing I thought of was rescam, not sure how this project differs from rescam

rescam is currently offline

Gamifying this kind of thing would be intriguing. I'm imagining some server that would work like spamnesty, i.e. you could easily let it handle your spam. But I'm also imagining the possibility of registering as a bot creator and plugging in your own algorithms. API-wise it would be super simple, much like creating a chatbot for Slack, but the logic could be as advanced as one would like. The server would then score the algorithms on established metrics such as "average number of responses" or what one might dream up. There would be leaderboards and stuff.

It would all work nicely until the spammers start creating their own bots to keep our bots busy. Bots would keep inane conversations going forever.

Then, I presume, Skynet.

Cory Doctorow's story about spam bots being one of the last things alive: https://craphound.com/overclocked/Cory_Doctorow_-_Overclocke...

Forwarding from gmail to sp@mnesty.com results in

    554 Recipients' domain disabled

<sp@mnesty.com>: host mxb.mailgun.org[] said: 554 Recipients' domain disabled (in reply to end of DATA command)

What we really need is something like this for the phone scammers, particularly the "IRS" scam I've been getting regulars calls from most of this year.

Someone made a call bot called "Lenny" to fool telemarketers, which uses recorded messages. They put up their call logs on YouTube:


Hahaha, that was hillarious! I wish there was a bit of voice recognition too, because then this bot would be unbeatable! There should also be a few more variations, but then it seems more than enough to get the seller/scammer enganged for quite some time.

Hm, I'm getting:

<sp@mnesty.com>: host mxb.mailgun.org[] said: 554 Recipients' domain disabled (in reply to end of DATA command)

I guess they were a bit too successful - I'm getting "554 Recipients' domain disabled' when forwarding msgs to them.

Honestly, why don't we get insider / whistleblower posts here on HN ? I understand spamming is quite vilified among most techies, but someone is doing the spamming. Is it because the bulk of spamming is done using very unsophisticated ways ? We get anonymous posts on pretty much all other topics.

It looks like in many cases [1] it's confusing the threads? Subjects and discussions start changing after a few messages in many threads I looked at.

[1] https://spa.mnesty.com/conversations/vkeezpyz/

I see this all the time and have assumed it's related to difficulties correlating outbound messages (to the spammer) with responses. Also within a message thread the service sometimes fails to respond to the most recent email from a spammer. An example thread showing both issues: https://spa.mnesty.com/conversations/caabzkyg/

The failure to respond is because I set a limit, it stops after a few tens of messages to avoid endless loops with bots. The other messages are because it gets put into a list and just gets spammed, as far as I can tell.

Just read through this one https://spa.mnesty.com/conversations/ecfrqrps/ – and was laughing stitches. Great job!

Oh wow, it really gave them the runaround there. I love the link to the forever-loading page, I forgot I had added that.

The whole conversation gives me cringe

> Spamnesty is a way to waste spammers' time. If you get a spam email, simply forward it to [email protected]

Maybe it would be more appropriate to show email there, since it's intended for spammers as well.

I tried this when it was new, and saw two issues with it. Firstly, it uses western names as the responder, which may not be the best case everywhere — ideally the person submitting the email should be able to specify a name to use. Secondly, the mnesty name and Mnesty LLC wouldn't seem believable to many (human) spammers either, depending on the region. I didn't get responses for many emails I submitted — my guess is that the spammers thought it's a waste of time (which is also good, but not frustrating them enough).

Ha, my comment from earlier today [1] reposted as a top of front page post.

It's like when you say something funny in a group setting which only one person hears, and instead of asking you to repeat it for everyone, they repeat it loudly themselves like it was thier joke! :)

Edit: Heaven forbid that you should point out that HN is sometimes just like Reddit! Downvote away, I have no interest in MIPs†.

[1] https://news.ycombinator.com/item?id=16035487

†Meaningless Internet Points

I have the feeling that all of this is going to finish bot against bot.

I guess they were a bit overwhelmed - I'm getting "554 Recipients' domain disabled " when forwarding to them.

Reading some of these emails it's apparent it's not a person responding. This is simply two bots email each other.


Looks like for some spammers, the game is already up.

This remembers me of rescam.org

This could easily be one of the “smallest” things to have the greatest impact. Looking forward to reading statistics on how much this software takes in % of total spam time and saved money.

I read some of the conversations on the site; it’s quite interesting that the boys managed to have the same conversation over and over almost in the exact order.

This is really cool. I tried building a similar project last year using an LSTM, but never ended up deploying it.

I wonder what James Veitch would have to say.

Let's just hope the scammers don't start using AI/NLP to generate the emails they send to us....

Add support for SMS and it’ll be perfect.

What sort of support?

I get text messages from scammers

Interesting, but is there something for spam callers? It's not enough to block them or report them.

I'd pay some serious money for this. In case someone's looking for an idea.

With all the emails ending with "CEO, MNesty, LLC" I doubt you'll be able to fool anyone

This is the best thing I've seen in a while.

That they host the code in gitlab is a nice touch.

Hahaha. The funniest conversations I’ve read this year!!! Poor spammers. LOL

Email isn't free. It seems like it is but actually it takes significant resources to process all the spam. Using a bot to create more traffic is pointless and wasteful.

Yours sincerely, A guy who runs the mail transfer agents for an email security provider and has to deal with this every day.

Cool. Stop the spam and I’ll quit spamming you back.

We do. That's exactly what we do. But honestly the volume of spam is massive already.

I note the fake replies are quite limited & repetitive. It would be extremely interesting to see if deep Q learning could be used to develop more realistic replies. "rewards" would simply be getting more (and faster) responses.

This is the greatest thing!

Thanks to the author(s) for doing it.

LOL! Best use of chatbots yet!

I love it.

This is great, but I feel like it's wrong that regular people think they have to step in to fight spam.

After all, these messages benefit actual companies. I receive many spam messages from American companies that are legit. Why can't governments do more to fight spam? It's illegal after all (at least in Italy and I'd guess Europe), so how come companies get away with it?

The companies aren't in the jurisdiction of those laws. Now if you held the ISP's responsible, you'd see some action.

I'd rather have ISPs act as utilities rather than safe-guards of the content they transmit...

Had a good chuckle reading through the chat logs, but it would be interesting to see the results using NLP to formulate new nonsense questions aimed at the spammer.

The spammer side seems to also employ some level of bot automation, and its like two bots going at each other with the occasional broken english comment showing confusion and frustration....this is truly golden.

MRs appreciated, but please make them in multiple short, self-contained pieces

I liked the idea of increasing the amount of time a spammer expends over their email.

I didn't like the idea of having to manually forward the email, manually remove personal information from the body of the email, and sucking the recipient into watching the conversation unfold live. Because it increases the amount of time a recipient expends over a spam email.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact