I have done the experiment of using unique email addresses for the WHOIS numerous times over the last few years. The WHOIS datamining spam problem has been there for some time (what do you expect when VeriSign was selling the WHOIS a couple of years ago to anyone with $10k, and it didn't take long for bootlegs to show up), but it is definitely getting worse.|
I did this for my own edification and can't prove to anyone else that these addresses weren't otherwise available by other address hoovering methods, egs: web spiders, where they got my address above, webforms of sites promising privacy and not delivering (which is different than the first, that's not what happened to my above address), and Usenet posts. I'd say these are the big four methods used to create spam databases, and the WHOIS is the best of all as one can more freely use a false or disguised (eg: d_d@emailREMOVETHIS.com) addy in the other instances. With the WHOIS one might not only miss important email from one's registrar (which is why I support a private email address that only the registrant and registrar know, even if there must be a public WHOIS), but now one risks losing one's domain name. So, while I'm not a speculator, both because I have no absolute proof, and because I value my privacy and because I'm not American, I may not be the best poster kid for this either.
You may want to ask Bret Fausett. He undertook a similar experiment back in February and has periodically mentioned it since (a quick scan of his archives, wow he's given us so much, failed to turn up any but that's my fault). He would also otherwise be much more credible than I, though you are free to use what I say here if you wish. -g