220.127.116.11, owned by Krypt Technologies (aka VPLS), and leased by StrongVPN, was found early 2011, involved in spamming, and as of this morning, it appears not surprisingly, still is.
The following is a screenshot of spam posted by the IP way back in June last year, promoting 9ame.co.uk (amongst others).
August of last year, Torneval blacklisted the IP for this very reason (web spam)
In July of this year, the IP was involved in spamming barriouniversitario.cl with illegal pharmacy activities.
And less than an hour ago, a 419 fraud arrived in my inbox originating from 18.104.22.168. Sadly, their attempts at avoiding flagging by spam filters, is still woefully useless (you'd have thought they'd have learnt by now). The email came without a body, with the body being in an RTF attachment, containing;
And yep - that IS the original formatting in the attachment! (clearly they can't even be bothered to at least try and make it convincing with the basic proof reading and formatting either).
So what are Krypt/VPLS doing to stop it? Well, absolutely bugger all to date (sent them another abuse report regarding the latest incident, but if history with them is anything to go by, I'm expecting it to be ignored).