Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
Using a blacklist like that you are going to loose the battle. You'll have a hard time updating that list fast enough and manually deleting messages that came through.
If I were you I would take a look at existing solutions. For example, the Wordpress system mentioned before has many anti-spam plugins.
One central service is Akismet. If you sign up (free) you get an API key, which you can use to use the service. There are several PHP classes which you can use in your scripts to use Akismet, it's very easy. The way Akismet works is that every message is checked against a huge database of filters and rules. That database is self learning and gets updated by the tens of thousands of people using Wordpress. When someone sees that a message gets through but is spam, he assigns it as spam and when enough people do that the Akismet rules are improved.
I have used it on a couple of sites now and the results are amazing. Maybe a few spamposts a month get through. No false-positives so far. From one of my sites:
Akismet has caught 9,432 spam for you since you first installed it.
You have no spam currently in the queue. Must be your lucky day.
Updating what?? My script is automatic. Once it finds a message that is spam, it will add it to the ban list (SQL) with date, time, message, and IP. The message is not posted, it uses die(); right after the IP is added.