Much of the Internet is protected with ``paper padlocks.'' Respect them. No password guessing, network attacks, mailbombing, spoofing, smurfing, ping-flooding. No developing or launching worms, viruses, Trojan Horses, memes, or other hostile messages. No SMTP server ``hijacking.'' (We have a great SMTP server right here. Use it!) No Web pages that are designed to crash browsers or otherwise interfere with the visitor's enjoyment of her system and our Web sites. Refresh time = 0 stopped being funny long ago.
You are, however, allowed to test other people's SMTP servers to discover whether they allow third party relaying, provided that you make a reasonable effort to inform their owners of any open relays you find. You may also use SMTP's EXPN and VRFY commands to try to discover administrator addresses on a machine that has been used to spam you or house a spammer. And of course whittling down a URL is not anything like password guessing, it's more like ordinary Web navigation.