A way to nip spam in the bud...
It won't do much good for spam you're already receiving, but any future sources of spam will be easy to identify the source of which & deal with appropriately.
When a site demands your email address, go ahead & give it to them, but alter it so as to indicate where it was used. For example, Gmail allows the use of $YourRealEmailUserName "+$StringOfOtherCharactersWithNoSpaces" at Gmail.com... So if your address is normally JohnSmith (at) Gmail.com, modifying it to JohnSmith+AmazonDotCom (at) Gmail.com will still deliver the email to you, but is immediately identifiable as to where you gave it (Amazon.com).
From that point on, any time you get email to JohnSmith+AmazonDotCom, you know Amazon is the one from where the email address was used. If you tell Amazon to stop contacting you & you continue to get email from them, you *know* it's from them & can take appropriate action. Be it a simple auto-bounce-and-delete email rule to shunt it to various Abuse(at) email accounts, the company's CEO's personal contact address, or your Lawyer.
The best part is, if you start getting spam to that address and it's not directly from the place where you used it, for example getting emails from a Dating Site when the address was used at a Home Improvement site, you know *exactly* whom sold your address. Want to sue that company? You have proof they're the source. Want to never get ANY email from that specific email address? Add "JohnSmith+AmazonDotCom" to an auto-perma-delete Rule & watch your inbox drop to more reasonable levels.
Most email hosting services such as Gmail, Outlook, Yahoo, and the like allow such alteration of the email address as an Alias. It may be in the form of $String.$YourRealStuff, or $YourRealStuff.$String, or even something else, so it's in your own best interest to find out. Start using those alias' in your daily use of the web. If the site where you're registering doesn't accept the alias, then that's a big Red Flag Warning that they probably won't honour any opt out settings either, so it's in your own best interest to not give them your real data in the first place. That's when you either give them fake address info ("YouSuck(at)$TheirOwnDomain") or use a temporary email service.
The end result is a constant record of where you've used your email address, indicated by the $String data (like "AmazonDotCom"), and the ability to filter, redirect, or delete entirely anything to that specific $String. If $Company wants my address, they get $MyRealStuff+$Company (at) Gmail and I don't worry about if they spam the hell out of me or not. If they try, I set my client to auto-permanently-delete that $String, and *POOF*, no more spam from that particular source. Which also has the added benefit of letting me know never to do business with that company again.