redundant array of inexpensive chatterbots
Unlike most sorts of spam, 419 scams rely on being sent from a working acount. Since an actual human has to receive and reply to incoming messages for the scam to work, it is possible to get in touch with the would-be fraudsters and harass them back to humorous effect.
However, it occurs to me that there are several more drastic measures available. Instead of responding to occasional fraud attempts, we could automatically detect these fraud probes and send in a chatterbot to automatically strike up a conversation, effectively wasting all of the scammer's time and making the process a great deal more labor intensive.
Comments
It'd be easy enough to do that with SpamAssassin, alright;
1. create a meta rule for the common fraud rules (FRAUD_*, ADVANCE_FEE_*);
2. grep out email address-format URIs from the message text, since the spammers often use those instead of the return addr (again, SA debug output contains this);
3. mail a generic "I am interested, please send more details" to that address, from a single-purpose email addr (might be worth allowing a precautionary step of requiring human approval before this happens);
4. use procmail on that addr to do the chatterbotting.
brilliant!
- Justin Mason
ah. have you already read this?
http://acm.cs.uic.edu/~lszyba1/methods.html
- Justin Mason
Nope. Wish I'd written about this idea earlier - I had it a long while ago, but I didn't really have a place to post it.
- joshua