It depends where they are located at, and how much information I know about the actual location and ISP of the person doing the harrasment. It is unfortunatly very easy for someone to make use of a proxy address, but chances are they didn't start out doing so until they felt they had reason to make mischief. Anything approaching that level I would first go back and look at what information I have related to that person. Since you have his origional IP address and location, and Canada is a signatory to the Digital Millenium Copyright act (which included the cross border enforcement of computer related laws provision), you can at a minimum file a formal report with his ISP to have service shut off, as well as any e-mails that he may have used. He's also entered the realm of criminal activity, so you can take legal action if you have the resources and time to persue that. You can also hire (or have somene in house with a security and intel background) someone to locate all the pertinant details of the perpitrators existance, and then call them on the phone with a device recording the conversation and ask them to stop. They won't, but the reaction on the phone might be worthwhile, and once you have their phone number, the second call from your lawyers to them usually gets a more muted response unless they are bat sh*t insane, in which case law enforcement becomes your best option.
It's usually relitivly easy to get an ISP account terminated for abuse. It's next to impossible to get an overseas proxy server shut down. Depending on where your servers are located, there are various local and national statutes that can be acted on, most often the Computer Fraud and Abuse act.
Even if you get their ISP account terminated, there will usually be 2 or 3 other options they can sign up with, and local library aco@#%^s and whatnot within walking distance, so what we have in place are various account signature comparison and triage tools built into the forum so we can find and destroy incoming spammers and the like, prefferably before they post. People who spam almost always use the same junkmail service (gmail people keep using gmail, etc.) and similar naming convention on their throwaway e-mail addresses (same password too if you can get that from them) They create accounts during the same windows, and they often forget to turn on the proxy when making the account in the first place. Griefers, such as gourdraiden and what you are dealing with are easier and more difficult to deal with, because you don't get the same volume of potential targets, but you also aren't dealing with an army of India based computer roboposters to kill of either.
The law enforcement layer is tricky, and can be somewhat of a crapshoot unless you are persistant. FBI cybercrimes may or may not do anything unless actual money was stolen. Local law enforcement enaction on your server end or his end will vary based on the technical savvy of the officers you interact with. It helps if you have access to a lawyer to act on your behalf, as they tend to take your issue more serious at that point.
If you want, PM or e-mail me the details and I may be able to give you additional pointers.
edit: also, if the icon he used is your artwork, you can also sue him for copyright infringment for around $16k per use. Thats actually a pretty simple and quick legal matter most of the time.
Edited, Jan 21st 2014 12:24am by Kaolian