It would be interesting to create false mail accounts with a bot that replies automatically to these mails in order to increase their false positives and render this sort of scam unworkable.
If malicious types didn't find a way to circumvent your code such that they could use you as a relay for their junk, they would at least be able to use your auto-responder to try DoS or joe-job someone else (potentially leaving you with a large bandwidth bill and a collection of explaining/apologising to do).