the whole fee/malle/spam/ promises is only achievable if (especially the malicious) users actually move funds to NEW KEYPAIRS AFTER activation..
If the malicious users are miners trying to keep the fees high (quite possible) then a larger block size would not stop them at all. Neither SegWit nor increased block sizes would do anything to someone with a lot of money to spend (or "invest") on spamming the network.
miners and pools are separate functions of the symbiotic relationship of bitcoin
Antpool would benefit from spamming the network, for example, because they take the transaction fees.
The point is that any entity which receives transaction fees is incentivised to spam the network. It could be a group of different major players who all reel in transaction fees.
the main fee damaging tactics are those of the core developers with their new fee war pressure code, and pools only accepting the high fee's first.
(funnily enough its BTCC and other bscartel pools that do this more)
This still doesn't refute my point, which is that neither of the "scaling solutions" proposed would actually make spam impractical.
Even if you can say "an attacker would not use SegWit keypairs", you could also say "it doesn't bloody well matter whether they do, because it's pretty easy to spam the network in any of these situations".