Since I’m doing a bunch of spam analysis, I decided to watch inbound traffic of spam coming to me. Of the 5-6 mails I saw, 4 were from obviously comrpomised Windows boxes that were acting as active relays.
I tracked one to Megapath, so I sent mail off to them with the IP address of the machine spewing the spam. An hour later:
Subject: You have an active spammer. Discussion Thread Response (Eric B.) 05/25/2004 02:47 PM Thank you for the notice. We have stopped the traffic. MegaPath Abuse Department
It’s not much, but gosh it feels good.
