Have you ever received a spam email? If not, I would definitely recommend getting your own email address, the positives usually outweigh the negatives. For the rest of us, who have had an email address for more than two minutes, spam is a real problem. I’ve found myself wanting to reply to spam messages many times, just to see what would happen, and to waste spammers’ time a bit.
That’s why reading Brian Weinreich’s post Two years spamming spammers back resonated with me. The summary is that he built an app for his personal use which would reply to spammers and engage them in a dialog of canned responses, trying to string them along for as long as possible, leading to some pretty funny exchanges. That struck me as a brilliant idea, and I wanted to use it, but he had built it for his own use and it wasn’t well-suited for use by other people.
To that end, and because I had a free Saturday, I decided to rewrite the service and make it freely accessible to anyone, and so Spamnesty was created.
We can't stop spam, but we can make it more expensive.
Spamnesty is pretty much what Sp@mlooper is/was. I blatantly stole multiple ideas from Brian, including the half-domain. The root, mnesty.com, is styled to look like a legitimate maritime logistics company of a landlocked country, just in case one of the spammers decided to look. Visiting spa.mnesty.com gets you the real site, where you can immediately see that I can’t design websites at all, and read conversations from real spammers.
You can use Spamnesty right now. Just forward a spam email to email@example.com, taking care to remove any personally-identifiable information from the body (but do leave the body otherwise intact, or the spammer won’t know what you’re replying to), and Spamnesty will generate a person and pretend to be interested in whatever the spammer has to sell.
You’ll almost immediately get an email that will let you read the conversation as it unfolds, and some interesting conversations will show up on the front page for you to read (hence the need to remove sensitive information from the original email).
The conversations themselves are usually what you would expect if you had spent a moment thinking about spammers themselves, but they were surprising to me, because I hadn’t. Spammers will usually realize they’re talking to a bot (or at least to someone who isn’t interested or not going to give them any money) after around 3-5 messages, but some have sent up to 15 messages before giving up in frustration.
The service has only been running for a few weeks, but already there are quite a few conversations with replies. Some my favorites are:
It turns out that working with email is a pretty messy affair, because of how unstructured it is. It’s just plaintext, and there pretty much are no standards for anything, including what an email address is supposed to look like. For that reason, the service does have a few glitches and other bugs, but it generally works pretty well.
You can help improve it by forwarding a few of your favorite spam emails to firstname.lastname@example.org, as I mentioned above, or you can go the extra mile and help me out with development. In the spirit of openness, I have made the app open source. You can find it on Gitlab: