An anonymous reader writes: All the spam that gets through the various spam traps my ISP and employer have set up get sent to Spamcop. However I am curious about what approach the ISPs takes when they get reports.
I see a few options:
1) Do nothing
2) Tell the owner of the machine to stop sending spam
3) Block the machine
I understand that the spam is not always being sent by the owner of the machine as such, and that their machine is most likely compromised and is part of a botnet. What I don't understand is why the botnets are not dismantled by the ISPs. The way to do this is obvious, if a machine has had a spam complaint made against it, the ISP should warn the owner, and that warning should include information about botnets, rootkits, viruses, trojans, phishing scams and so on, it should also include information about virus checkers, firewalls and other software to protect the users from as much harm as possible. More importantly the ISP should inform the users HOW TO GET RID OF THE INFECTION.
Yes I agreee that none of this is as simple as it sounds, but then again trying to bock that 90% of email, the viruses, the compromised web sites is not an easy task either.
So, I am curious, has anyone here know any example of an ISP activly helping any of their customers clean up their machine ?