L6Steel, that's one of the things an anti-spam bot can do. It does it much faster than a thousand of us could, too. There's more to it than that, though.
First you have to determine where the spam came from. The reply-to field is usually a trap to collect valid addresses, as SB pointed out above, and sometimes even the path field is partially forged ... there are ways to do that, using another kind of bot to locate ISPs with holes in their security -- so sending a mailbomb is not as easy as just clicking "reply."
Then, once you've located the true originating system, the customary next step is to send a copy of the spam to abuse@fubar.foo and only if the system administrator refuses to yank the spammer's account would it be appropriate to mailbomb the system. That's who you'd be mailbombing, by the way -- the whole ISP, not the individual who sent the spam -- so you shouldn't send mailbombs unless the system administrator refuses to cooperate. (IMHO ... there are people who do; who feel it's an admin's responsibility to see that no one ever uses his system to post spam even once ... but in practice, how could he do that? So most people give him one chance to zap the spammer.)
I'm only summarizing here; there's far too much info to put into one post....
If you do have to take steps against an spam haven (an ISP that allows spam; usually that is their primary business, btw) ... spam havens run some pretty sophisticated mail filters; it's not easy to get a mailbomb through those filters. A good mailbomb bot sends a large number (large in computer terms) of short messages each with different reply-to, originator, subject, text, etc. fields -- practically everything about each message is different, so there's no easy way for the victim to identify them and filter them out....
The spam havens retaliate with mailbombs of their own. It's a war of geeks and the geekiest geek wins. Fortunately for anarchy, the really high-powered geeks are on
our side ... there's something about very high intelligence that predisposes one against selling out to the other side, apparently, and predisposes one to spend one's spare time doing things like writing warbots and using them against spam without getting paid for it, purely for the pleasure of doing good.
There are other ways to attack spam havens, too ... too involved to go into here, and besides some person or persons have been known to abuse some of the tricks and use them against this website ... that person or persons might be reading this, and fortunately for us he doesn't seem to know much ... let's keep it that way.
The ultimate recourse is the IDP: the Internet Death Penalty. That's when all the other system administrators refuse to accept any messages from an abusive system. The net is an anarchy and every system administrator can do whatever he wants ... and all the others can respond to what he does any way
they want. So a system admin can choose to sell accounts to spammers if he wants to, and all the other sys admins can cut off their connections to him -- each acting as a free individual, no government or compulsion organization of any kind involved at all. If some admins don't cut him off and continue to let him send spam through their systems -- no one will accept messages from those systems, either. Anarchy is a wonderful thing! Anarchy works!
More info all over the net ... look into it, don't just click "reply" and send off a mailbomb; that's more likely to harm the innocent than the spammer (and it can get you into trouble, too).
The weakness in every commercial spam is the spammer has to give you some way to get in touch with him -- or how could he get your money? If he doesn't give you a valid email address or url he has to give you a phone number or a snailmail address. Every time an 800 number is called the owner has to pay a fee to the phone company, and of course that line is tied up for the duration of the call. You don't have to call yourself; a bot can do that. Or if he gives his snailmail address a bot can sign him up for magazine subscriptions and catalogs ... thousands of catalogs ... thousands more arriving every day....
Computers are much faster than people. A very simple bot can dial the phone faster than your fingers can move, send off emails by the thousands while you're in another window writing a post -- otherwise the computer would only be spending practically all its time waiting for you to hit the next key....
-Cougar Allen :{)
[This message has been edited by Cougar Allen (edited 18 November 1999).]