from Hacker News

Two years spent spamming spammers back

by beweinreich on 9/25/16, 1:16 PM with 129 comments

  • by kalleboo on 9/25/16, 2:19 PM

    This is a great idea. Waste the spammer's time and it's no longer worth it.

    The phone version of this is Lenny[0], a set of audio files/Asterisk script which pretends to be a senile, doddering old man (who has a duck problem). There's a reddit user who runs a number you can forward your sales calls to, and he'll pick out the best ones and put on YouTube[1]. The record is keeping a caller on the phone for 56 minutes.

    [0] https://www.reddit.com/r/itslenny/

    [1] https://www.youtube.com/playlist?list=PLduL71_GKzHHk4hLga0nO... (edit: if you sort the user's videos by most popular, the top one is something quite amazing)

  • by grecy on 9/25/16, 2:43 PM

    > Imagine if this type of thing happened in real-life. You walk out the door in the morning and you’re immediately attacked by Parul, Kevin, and Amelie.

    I laughed out loud at this, because it's exactly what I'm experiencing now in West Africa.

    Street vendors are aggressive about selling whatever they have, and they seem to assume I want it - almost like I owe it to them to buy it - I'm not sure if it's because I'm White, or it's just their standard procedure for everyone that walks by.

    On my 3 minute walk to the local store, I get a minimum of 10 people in my face, trying to sell me cell phone recharge cards, peanuts and limes. Every single day I say no thanks, every single day they try again, sometimes even on the walk back.

    I've tried ignoring them or not responding at all, and that usually makes it worse - they'll yell louder and louder (assuming I have not heard), hiss, make a kissing noise, and eventually put themselves in my way so I'm forced to acknowledge them.

    Amazingly, even when I do buy something, and I clearly have it in my hand (a bunch of carrots for example), every single street vendor selling carrots will still try with 100% effort to sell me carrots.

  • by wanderr on 9/25/16, 3:28 PM

    Back in the olden days, when the ping of death causing a windows BSOD was a thing, if I was online when I got spam I would immediately look for the spammer's ip and send them a ping of death. I could tell it often worked because then I'd get the same spam again 10 minutes later, so I'd do it to them again, then I'd get spammed again and ping them again until eventually they gave up.

    I assume their mass mailing program would just start at the top of an email list and send them one by one, without tracking progress, so when the computer crashed they would have to start over. After a few crashes in a row hopefully the spammer would blame the spam sending program for crashing the computer and give up, maybe even demand a refund from whoever sold it to them.

  • by titomc on 9/25/16, 7:31 PM

    One spammer realised that he is talking to a bot and asks the bot about the three laws.

    http://www.mlooper.com/conversations/3072

  • by chrissnell on 9/25/16, 8:39 PM

    This reminds me of a script I wrote about a decade ago to deal with phishing sites. My script generated first and last names, email addresses, passwords, and credit card numbers that actual passed checksum validation. It would submit these fake entries to a phishing form just as fast as the remote end would take them, polluting their database/inbox/whatever with thousands of bogus submissions. Besides wasting their time and resources, it also smokescreened any legitimate submissions that might have come through.

  • by ortusdux on 9/25/16, 2:19 PM

    Reminds me of the cities that setup robocallers to cut down on illegal signs.

    http://articles.orlandosentinel.com/2012-07-19/news/os-litte...

  • by Exuma on 9/25/16, 1:36 PM

    This is great, and would be even more brilliant if it could integrate some sort of markov chain, like https://www.reddit.com/r/subredditsimulator

    I'd love to see it have random answers that are unique based on the question. Then you make it a global service that hundreds of thousands of people can forward messages to, and then you waste spammers time en masse.

  • by brightball on 9/25/16, 1:52 PM

    These guys operate on an ROI basis. If you waste their time you decrease their ROI.

    Great tool.

  • by koytch on 9/25/16, 3:17 PM

    Effing hilarious. Some years ago I spent a few days writing to a 'Russian bride'. It became instantly clear all replies were scripted, there was no connection at all with what I said (The full text of 'I, Robot'? Oh, what interesting things you do…). So I'd say many if not most of the spam scenarios are automated and the whole thing becomes too meta.

  • by MaxLeiter on 9/25/16, 6:23 PM

    If you find this funny, I highly recommend this TED talk: "This is what happens when you reply to a spam email"

    https://www.ted.com/talks/james_veitch_this_is_what_happens_...

  • by chrischen on 9/25/16, 1:41 PM

    It would be great if someone could implement this as a free public service, using neural algorithms to generate responses.

  • by sztwiorok on 9/25/16, 2:09 PM

    Great idea!

    I'm sure that GitHub community will help to make it even better

    https://github.com/beweinreich/mlooper

  • by verroq on 9/25/16, 2:17 PM

    Should just connect two or more spammers together and let them offer their products to each other.

  • by cxmcc on 9/25/16, 1:55 PM

    Love it! For physical spam mails with business reply envelope, I always fold everything back into the envelope and send it back.

  • by wojcikstefan on 9/25/16, 3:22 PM

    Aren't most of these spam emails automated anyway? If it's just two bots talking, you're not really wasting anybody's time/resources.

  • by mmwako on 9/26/16, 1:30 AM

    I was just wondering: if every person did this with the spam they get (or maybe automatized by Gmail), spammers would be overflowed with bot answers to their spam emails, and would not be able to differentiate between a potential victim's response, and all the bot replys. This has the potential to actually SOLVE the problem of spam. Think this could work?

  • by eljimmy on 9/25/16, 6:26 PM

    I once made the mistake of sending a joke reply to a spammer from my legitimate email.

    Turned out they pulled my phone number from the WHOIS info on my domain which I can only assume they sold to some marketing companies as I received about a dozen cold calls from various "web agencies" from the states. A lot of them were relentless, calling me repeatedly and leaving voicemails.

  • by codingdave on 9/25/16, 3:50 PM

    Sure, great idea, funny and clever and all that.

    But I disagree with the idea that inboxes are sacred, and disagree with the attitude of "how dare people send marketing to me!" Fraudulent spam is one thing. Plain old marketing or sales cold calls, though... you know people are going to do it. It is their job. And I'd much rather get emails than I can quickly delete and ignore vs. phone calls. And once in a while, someone actually hits on a service that is useful to me.

    So I don't think the real-life scenario of people badgering you outside the door is accurate. The better metaphor would be one comparing your inbox to your actual mailbox. Sure, junk mail is annoying and most of it gets thrown out. But sometimes that restaurant down the street does send coupons.

  • by maouida on 9/25/16, 2:30 PM

    Gmail and other popular mail providers should implement something like this.

    It would be a big step forward in spam fighting.

  • by the_duke on 9/25/16, 3:23 PM

    Hilarious idea.

    But one of the first things I would have coded is preventing the same message to be sent again.

    The examples are full of that.

  • by gus_massa on 9/25/16, 1:40 PM

    Can anyone forward an email to that address? :)

    Do you have localized versions? [I'm from Argentina and Most of my spam is in Spanish. I guess no. :( ]

  • by robrenaud on 9/26/16, 12:03 AM

    There is kind of a interesting Turing test scenario for AI here. Design an AI to maximize number of replies (or total text written) by the spammer. The internet is vast and full of spammers, you'll never run out of real humans providing responses to optimize your system.

  • by abhianet on 9/25/16, 3:49 PM

    What happens if I send it a mail from an mlooper address? Can I get it to setup an infinite loop?

  • by Animats on 9/25/16, 6:45 PM

    The one for phones has been on HN before. This one for spam is nice, but not yet smart enough. With more smarts and some understanding of the messages, it could keep spammers going forever. It doesn't need to be very intelligent; it just needs to get up to the Eliza level.

    If it detects a spam related to search engine optimization, it should have a list of about a hundred plausible questions it can ask on that subject, for example. There aren't that many spammed subjects.

    Most email spam, though, is promoting a link, and can't handle an email reply. You'd need something smart enough to go to a web site and sign up with fake credentials.

  • by wdr1 on 9/25/16, 7:26 PM

    Reminds me of the guy who set up an automated voice script on his landline to thwart telemarketers:

    http://jollyrogertelephone.com/about/

  • by TheOtherHobbes on 9/25/16, 3:00 PM

    Brilliant! But... of course some of the spammers are bots themselves.

  • by Lxr on 9/25/16, 2:47 PM

    This is hilarious, I love it. I would also love to see this made into a public service with some clever ML algorithms to keep the conversation going as long as possible.

  • by Dagwoodie on 9/25/16, 3:27 PM

    Based on the sample of 24 messages back and forth, it looks like the spammer also had a reply bot because a lot of messages exactly the same canned response.

  • by kensai on 9/25/16, 3:20 PM

    The dude deserves a Nobel Peace Prize for this. Literally pacifying the interwebs! :D

  • by slinger on 9/25/16, 5:02 PM

    I'm laughing out loud with these MLooper conversations. Made my day :D

    PS: Nice project btw

  • by aomix on 9/25/16, 9:50 PM

    I thought spamd passive aggressively insulting spammers and tarpitting their connections was a good effort at wasting their time. This is a big step up from that.

  • by partycoder on 9/25/16, 5:34 PM

    Two related funny stories if you have the time:

    - The 7 legged spider story.

    - The guy that tricked Nigerian spammers into acting the dead parrot sketch from Monty Python

  • by tamersalama on 9/25/16, 2:19 PM

    Great idea! This has the potential of reducing worldwide spam/scam if is implemented by email service providers.

  • by ndesaulniers on 9/26/16, 4:33 AM

    Please adapt this for technical recruiters!

  • by imaginenore on 9/25/16, 2:06 PM

    Would be cool to have this in GMail.

  • by sztwiorok on 9/25/16, 1:48 PM

    Great tool

    Please share this on github. we will be able to add our sugestions to the list of answers!

  • by GirlsCanCode on 9/25/16, 2:21 PM

    Spam doesn't bother me anymore, but unsolicited phone calls do. The majority of phone calls that come in are not legitimate.

  • by countryqt30 on 9/25/16, 3:06 PM

    @ GOOGLE: BUILD THIS IN GMAIL! :)

  • by qgaultier on 9/25/16, 2:49 PM

    brillant !

  • by mooveprince on 9/25/16, 2:01 PM

    Made my day :)

  • by tomrod on 9/25/16, 2:36 PM

    To connect the conversation to David Brin, futurologist, philosopher, and author, this sounds an awful like the crystal spheres in Existence.