16 March 2004 Internet service providers (ISPs) are starting a crackdown on ‘stupid’ users who allow their PCs to be taken over by spammers.

Comcast, the US cable giant, is following Scandinavian ISP TeliaSonera by sending warning letters to customers whose virus-ridden PCs are being exploited by spammers. If they fail to clean up their PCs, Comcast has said that it will cut them off.

Up to one-third of all spam is now being sent via compromised broadband-connected home PCs. The belief is that spammers are responsible for writing a new breed of virus, which typically contains Trojan horse code enabling them to take control of infected PCs.

Many home users have little understanding of computer security, do not even use free tools such as the ZoneAlarm firewall or Grisoft anti-virus software and are unaware of the dangers of double-clicking on email attachments. As such, they are easy prey for virus writers.

Spammers have moved into virus writing because of the effectiveness of anti-spam blacklists, such as the Spam Prevention Early Warning System (SPEWS). They publish a range of IP addresses from which spam is known to be sent.

These addresses have to be wide-ranging to prevent spam-friendly ISPs from helping spammers evade the blacklists. Some ISPs, particularly in the US, used to sign lucrative secret contracts with spammers, guaranteeing them Internet access regardless of the number of complaints they received.

Such blacklists forced the ISPs to clean up their networks, but anti-spam blacklist compilers have been reluctant to add ISP’s mail servers to their lists for fear of the disruption this will cause.

However, Comcast only started taking the action against its own customers after a range of its IP addresses were added to anti-spam blacklists, preventing many legitimate Comcast users from having their email delivered to friends and business partners.