it sounds like PHP is doing a great job...& spammers must be sentenced at par with Drug Mafias...Life without a parole & PC...!

One word for them....

Botnets

They will never find the perpetrators. Did they think it would be so easy ?

Perhaps they do want to sue the poor bod in Poland who never knew he had a trojan.

Martk_T said: "Botnets"

Yes, they're involved in sending the spam, but this case targets those who are feeding e-mail addresses to the botnets to be spammed. I may be wrong, but I've never heard of an address harvesting bot, so IMO this is targeting the right people.

Of course address harvesters are automated. Why do you think things like wpoison exist? http://www.monkeys.com/wpoison/

I've certainly had addresses harvested off web pages.

If there have not been harvesting bots so far, there will be now. Perhaps its time that the ISP industry started to take botnets seriously, and routinely fenced off users who were found to be infected.

Remotely detecting infection is an interesting problem, but there should be a few giveaways - like when a stream of spam or a DDOS attack starts...

I had thought of writing a script that extracts the top level domain name for the links embedded in spam emails. The script would then do a "Who Is" on that domain name and the result would be parsed for the registrants email address. The spam email would then be forwarded to that email address. A nice little add on for Thunderbird perhaps?

The drawback of this is if everyone who is spammed used this method, then a lot of mail servers would likely fall over under the strain. And there is no guarantee that the domain registrant ever uses the email address specified in his/her domain registration. Is it not a good idea in principle though, targeting the sellers of the product being advertised as well as the actual spammers themselves?

It is easy enough to deal with those spam mails that specify product in title.. calais, viagra, casino, anatrim etc, etc. A mail filter will happily delete these from the mail server without even downloading them. But the obfuscation of title is frustrating and harder to deal with.

And yes it is time for ISPs to act. A simple behaviour based rules gateway/firewall could do a lot to cut down spam and botnets.

The only way (that I can see) to bring the purveyors of finest quality spam down is to hit the only part you can really find, trash their servers and increase the cost of them doing business.

Hell they want people to log on and buy their goods - everybody should.

1) Never click on the link in the email - cut and paste the address into a browser.

2) Order 3 or 4 tons of pharmaceutical enhancements.

3) Put in dummy address and credit card number.

4) Repeat.

None of the spam sites that I have seen do a real-time credit card check so the more dummy orders they get the more time is wasted as each one has to be manually checked and updated. The more realistic an address looks the more chance there is of somebody wasting time trying to process an order.

BTW - Credit card numbers are Mod10

Force the ISP to reveal the identity of the individual/s and post the information on the Net, nature will take its course and they will be eliminated from the gene pool :)