Well done Pcal! He's done what I've thought for the longest time is the right way for people to deal with phishing/spamming/etc - phish the phishers. You go!
Idea for V1.1: scrape the address used in the email and "reply" to that address.
Idea for V2: Enlist others to contribute "addresses" and cpu cycles. Maybe this is the future of Grid Computing? I was thinking a lot of the new safepeer plug-in for azareus, and wondering about something similar for blacklisting. hmmm..
Non-idea for V.N: Don't do something on sourceforge, etc. If the algorithms you use are public, people can reverse engineer the defense.
Heh, thanks, Dave. Yeah, I'm actually working on something like what you describe for V2 - stay tuned. :)
V1 is interesting, I didn't think about that. I imagine a lot of them spoof their mail headers to guard against this kind of thing, but it's worth trying.
Neat. I wonder though, if at some point the phishers won't be able to use spam fighting tools to protect against this kind of counterattack, i.e. is fighting SMTP DATA messages with free form text that much different than fighting HTTP POST messages with application/x-www-form-urlencoded text?
Bruce Schneier's solution is the only long-term viable one I've seen yet; http://www.wired.com/news/politics/0,1283,69076,00.html
Hey, check it out now:
http://www.peskyfish.com