I got a phishing email today.
Told me to click on the HTML and sort out my bank.
A bit of inspection of teh attached code showed that it wanted me using a direct copy of my banks login page, to submit my details to a machine in Australia. Registered address was a Richard someone or other.
Armed with the IP address of said spammers machine, I managed to ascertain it was running a mail system. Better still,. it accepted mail to 'root@localhost' (most machines will).
He has mail..
I do have under development on a centrally located server with gigabytes of bandwidth a mail client that will send mail to any IP address directly..the thought of flooding his mailbox with 1000 mails a second appeals..
OTOH I may just register the IP address with spamhaus
:-(