This "feature" of Netscape 2.0 was apparently discovered by Glenn Fleishman, moderator of the Internet Marketing email list (doesn't that give you cold chills?).
One thing I noticed about it is that even if you fill in a fake email address, the correct email is still recoverable if the browser is running on Unix (well, on SunOS anyway). Netscape apparently puts the correct username into the fake domain, overriding whatever you put in for a username. The rest of the headers contain a trace of what machine it came from. In other words, you can run but you can't hide.
Another way to capture email addresses is to use a META reload feature to take the user to an ftp URL. The normal action for "anonymous" ftp is to transmit your email address as the password. By monitoring the log files of an ftp server, you can capture email addresses this way.
For the record, we don't keep email addresses, but remember that others may not be so kind. If you like this kind of stuff, see John LoVerso's page or the hostile applets page or David Wagner's exploitation page.