Yep, I just found the culprit.
The below 2 websites volunteer SA users-list email addresses for all the world to harvest. I found my email address in Google from posting here on this list.
One of many.. As I pointed out before, there's probably multiple spammers who are directly subscribed to the list.
Be warned, if you post to this list use a throw-away email address unless you are looking to have a good test account for SA. :-)
That should be said of *any* mailing list that's open to public subscription. Period. They're all vulnerable to being mined regardless of what web archives they have. All the spammer needs to do is subscribe a "legitimate" account to the list and run all the messages through their list-mining software. As long as that address is only used for harvesting, and not used as a drop box for spam runs, nobody is ever likely to be the wiser to it.
Let's face it, telling the difference between a lurker who subscribes but never posts, and a spammer who mines but never posts is pretty much impossible. It's like trying to tell if a stranger is a spammer. The guy at the table behind you at lunch could be a spammer, and you'd not know. Only a few of the really big-time spammers get their pictures circulated.
The spammer is not easily recognized. The spammer is among us, and looks very much like us. Don't be fooled into thinking the spammer isn't there just because you can't see him. It's in his best interest to be here, and it's also in his best interest to blend in and not be noticed. Don't underestimate the spammers, some may be stupid, but some are also clever (albeit morally deficient).
Spying on one's adversaries is a battle tactic which is thousands of years old. It goes on all the time between governments, militiaries, police and criminals, companies, neighbors. Why not here?
I'm sure at least some spammers know to spy on their adversaries... to spy on us... here... on this list.
And I'm SURE they have no moral problems with doing so.
