I've encountered some anti-spammers who would do half- assed investigations, declare an ISP guilty, then spread the word on private mailing lists shared by all sorts of hackers, who are apparently looking for an excuse to have fun and feel good about it.
That would have been me.
Despite our policy of not allowing spams from our network, we were labeled spammer friendly not too long ago and a minor break-in happened the same night. Just speculating, too.
That would not have been me.
Tell me about it. In the course of today's activities, I learned that one of our users with a small commercial web site on one of our servers spammed the net from an account on another ISP. The spam contained a pointer to his URL on our server.
Some of the mail seems to be holding us partially culpable for the spam. I'm happy to report that the other ISP is taking action against the spam complaint, but I don't know of any interpretation of Netiquette that condemns commercial WWW sites.
I am ecstatic about commercial web sites.
I don't know that I'd favor an abuse policy that encompasses WWW sites, even if they are listed elsewhere in spam mailings, but if there's a reasonable policy out there that contemplates this type of situation, I'd love to know how it reads.
If you sell service to someone who then spams elsewhere to advertise resources you sold them, then you are enabling the spam. I will expect you to warn them not to ever do this again, then disconnect them if they don't comply. And I will expect you to amend your terms and conditions to specify that spam is unacceptable, that you consider it theft of service, and that you will NOT allow your customers to commit this, whether or not they use your facilities to do so. There is plenty of clean money to be made on the internet. If all you sell to are the good guys who eschew spamming (or, even better, help to fight it) then you will still make a pile of money in the service business. (Probably more since you won't have to spend time answering complaints.)