I'm a small web host provider. I have sent about 100,000 mails to ISPs complaining about zombie attempts to deliver mail, or to brute-force SSH, FTP and POP3 accounts, with a small amount of success over the last year.
My argument is that outgoing port 25 on residential computers should be blocked to anywhere other than the ISP's own mail servers, unless the user asks for it. If the user doesn't know what it is, then they don't need it. While this would cut down zombie spam, it wouldn't prevent HTTP distributed denial of service attacks.
Some providers like myself don't accept mail from foreign IP pools, so 'man and dog' operations wanting to send newsletters this way probably won't have much success anyway.
It should be mandatory for ISPs to have a valid abuse address available in the whois record.
Some don't. Some do. Many just ignore it or set a ridiculously low quota to reject all attempts at contacting them. Some ISPs appear to care, like EarthLink, Verizon, Cox and BT, but many just don't give a toss, such as tpnet.pl and ttnet.net.tr, and I just blanket ban all their IP addresses. If Google, Hotmail and Yahoo did the same, then perhaps they would take their users' security more seriously.
I've evolved a fairly sophisticated system now that fights back.
1st line defence: zen.spamhaus.org, bl.spamcop.net, dnsbl.sorbs.net, cbl.abuseat.org, SPF, DK, DKIM
2nd line: RDNS checks, 5 sec delay
3rd line: MailScanner/SpamAssassin - high score --> feedback to SA, fwd to [email protected] and spamcop.net
medium score --> grey folder for manual checking --> feedback to SA, fwd to [email protected] and spamcop.net or release from queue to user.
spamtrap addresses --> unscanned to [email protected]
Zombies that attempt to deliver too many messages cause the systems to ban the IP address, add it to an RBL and automatically complain to the ISPs with extracts of logs and timezone, after checking with a local blacklist of delinquent ISPs.
Similarly for SSH, FTP and POP3 attacks.
In spite of the many messages sent, I do get some replies from thankful people and I'm glad to be making a small difference.
I hope that all ISPs around the world will take more responsibility for their users and the wider community. Collectively we can make a difference to purge the net of the criminals.
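
The ban-and-complain step described in the post above, sketched as an added example (not the poster's code). The log format, the threshold, the abuse-contact table standing in for whois lookups, and the choice to skip the complaint for ISPs on the local delinquent list are all assumptions.

```python
import ipaddress
import re
from collections import defaultdict

THRESHOLD = 3  # assumed: failed attempts from one IP before it is banned
# Constructed stand-ins for whois data and the local list of delinquent ISPs.
ABUSE_CONTACTS = {"192.0.2.0/24": "abuse@isp-a.example",
                  "198.51.100.0/24": "abuse@isp-b.example"}
DELINQUENT_ISPS = {"abuse@isp-b.example"}

# Constructed log lines in an assumed format; timestamps carry the UTC offset.
SAMPLE_LOG = """\
2024-03-01T10:00:01+01:00 service=smtp src=192.0.2.10 result=rejected
2024-03-01T10:00:03+01:00 service=smtp src=192.0.2.10 result=rejected
2024-03-01T10:00:04+01:00 service=ssh src=198.51.100.7 result=auth_failed
2024-03-01T10:00:05+01:00 service=smtp src=192.0.2.10 result=rejected
2024-03-01T10:00:06+01:00 service=ssh src=198.51.100.7 result=auth_failed
2024-03-01T10:00:07+01:00 service=ssh src=198.51.100.7 result=auth_failed
2024-03-01T10:00:08+01:00 service=pop3 src=203.0.113.5 result=auth_failed
"""
LINE_RE = re.compile(r"^\S+ service=\w+ src=(\S+) result=(?:rejected|auth_failed)$")

def abuse_contact(ip):
    """Return the abuse address for ip, or None when no contact is on record."""
    addr = ipaddress.ip_address(ip)
    for net, contact in ABUSE_CONTACTS.items():
        if addr in ipaddress.ip_network(net):
            return contact
    return None

def process(log, threshold=THRESHOLD):
    """Return (banned IPs, {ip: (abuse address, complaint text)}) for one batch."""
    hits = defaultdict(list)
    for line in log.splitlines():
        if m := LINE_RE.match(line):
            hits[m.group(1)].append(line)
    banned, complaints = [], {}
    for ip, lines in hits.items():
        if len(lines) < threshold:
            continue
        banned.append(ip)  # ban and add to the local RBL whatever the ISP
        contact = abuse_contact(ip)
        if contact and contact not in DELINQUENT_ISPS:
            extract = "\n".join(lines)  # timestamps keep their UTC offset
            complaints[ip] = (contact, f"{len(lines)} attempts from {ip}:\n{extract}")
    return banned, complaints

if __name__ == "__main__":
    print(process(SAMPLE_LOG))
```
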