I have thirty-five domains registered with various administrative/technical contact addresses. I also have a bunch of other email addresses that I used to use for posting to discussion groups, old addresses that used to be on business cards and websites, etc.
I even have some addresses receiving spam because they were harvested off of websites. Sometimes I can tell who did it. For example, somebody from the IP address 18.104.22.168 harvested an email address from website of mine a long time ago, and most recently has been sending spams with subject lines like, "You have got new mail from Snezhana, 25 years old, Rusia, matchmaking."
This entire big ball of crap routes into a Gmail account I have set up especially to handle my spam. That Gmail account's spam folder has over 175,000 messages in it, dating back to September 5, 2006. The inbox has over 28,000 messages for that same time frame. This indicates that perhaps Google's got a ways to go with their spam filtering, but I digress.
Occasionally in this big blob of junk, there will be something that I actually want, or something that is only debatably spam. Separating the wheat from the chaff has been really tough. I tried searching for my last name, but what that finds includes a bunch of co-registration spam to a company that captured a malformed first name for me, but a good last name, street address, and email address. I think it was some sweepstakes signup a long time ago. It might be legal for these companies to send me random garbage years later as a result, but it's horribly unwise. It's so easy to track how far this data spreads, that anybody could easily make a bad co-registration blacklist to help others block this kind of mail (at least as, or more legal as sending this stuff to begin with, in my estimation).
There's a whole lot of stupid in this corpus as well. Dear ERP Evaluation Centers, I don't run an Enterprise, and could care less about Enterprise Resource Planning software. (I'd actually never heard of ERP software before today.) Nice of you to try to be legitimate by including my real name in the unwanted solicitation, but you lose about a hundred points by sending it to a domain registration address that is *clearly* A. a domain registration address and B. owned by a spam-sensitive recipient. (The address they sent to, amusingly enough, is domreg-antispam@.) ERP Evaluation Centers Inc is apparently located at 740 St. Maurice, 4th Floor, Montreal, Canada, H3C 1LC, in case you're wondering. They sent the spam I'm looking at back on December 10th, 2006, and it's quite clearly spam. You might want to block erpevaluation.com before they spam you next.
This has been an interesting exercise. I've been able to set up a few filter rules in Gmail to forward on some of the messages I care about. Messages from my registrar, for example. If it's from them, it is forwarded through to my "real" Gmail account, and deleted out of the spam account.
I've still got a lot of data to dig through. As I figure this out, and filter out my personally-identifiable information, I'm going to start checking the more obvious of this incoming spam against the various anti-spam blacklists and reporting on it via a website or two. Stay tuned.