On 11/20/12 1:29 PM, Jason Ede wrote: > However, ISP's blocking smtp ports for suspected spammers would help... > Ideally they'd block all traffic on port 25 or 587 not sent through their > SMTP engine which would do some basic spam checks... > >> -----Original Message----- >> From: Martin Gregorie [mailto:mar...@gregorie.org] >> Sent: 20 November 2012 11:29 >> To: users@spamassassin.apache.org >> Subject: Re: How to report a spam botnet >> >> On Tue, 2012-11-20 at 01:26 +0000, Chih-Cherng wrote: >> >>> Notification help raise victims' security awareness, and motivate them >>> to fix vulnerabilites within their computers. >>> >> I have my doubts about this. I have friends who help at retiree's computer >> clubs and with disinfecting their friend's computers. >> >> The message I hear from them is that there are significant numbers of users >> who refuse to help themselves: they don't/won't update their system or >> their AV software, will click on anything, open any and all mail and who >> won't >> learn that this is stupid behaviour. The reinfection time for such gentry is >> about two weeks: it takes about that long before they show up whining that >> their computer has become very slow again so please do something about it. >> >> I'm not sure what, if anything, can be done about such computer owners >> apart from repairing their machine with a 5 kg lump hammer, though a >> general ISP agreement to auto-disconnect infected computers may well >> help. Fat chance of that, though. >>
At my previous $dayjob I handled incoming abuse complaints for consumer-grade DSL/fiber customers. Problematic lines would get their SMTP traffic cut (outgoing port 25) along with educational e-mails/phone calls. Repeating offenders without any clue ended up on this list long-term, simply because they didn't understand our messages to them, and they never cared because they used <crappy free webmail provider> in stead of desktop MUAs anyway. This way, the problem ended under the carpet. Not very satisfactory, but ending contracts was indeed no real option, if only because the customer simply does not understand the problem he's being accused of (no matter how much time you spend on educating). -- Tom