This is actually a follow-on to an article in the 7 May Wall Street
Journal (http://online.wsj.com/article/0,,SB105225593382372600-search,00.html?collection=wsjie%2F30day&vql_string=Carmack<in>(article-body)
if you subscribe).
A brief summary is that Earthlink was going crazy trying to stop his
spam because of his other activities. Other mechanisms, like yanking
his account for violating the AUP, were ineffective because of the
identity thefts.
Of course, I'm sure that no one on this list is surprised to hear that
spammers break the law....
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)