I used to work for an Australian ISP, and I was aware of a practice where we [the ISP] would periodically receive reports of "infected" computers, and would need to proactively contact customers and advise them / encourage them to resolve the issue, with the disclaimer that if they do nothing, we may eventually need to kick them off the connection. If something wasn't done about the problem for a while, Port 25 was blocked on their account until that had advised us that, and that we felt confident that they had resolved the problem. The block would be re-instated if any further reports arose. Further down the track, if nothing was down and they were totally negligent, we would cancel their account (although AFAIK this rarely happened).
(FYI: I never did this job, although I was aware of it and did fill in once).