On Fri, 6 Feb 2004 22:43:39 -0600 (CST), Adi Linden wrote:
I am looking for ideas to stop the spam created by compromised Windows PC's. This is not about the various worms and viruses replicating but these boxes acting as open relays or open proxies.
There are valid reasons not to run antivirus software, coupled with clueless users, this results in machines that SPAM again just a few hours after having been cleaned.
First step is correctly to specify the system's properties. Yours is not a technical issue but one of user negligence. You have to build the solution around this fact. Curative measures that have worked elsewhere are: 1-Scan every client when it accesses 2-Disconnect compromised clients or route only to a warning page allowing access only to your tech support 3-First cleanup and advice to owner of compromised machine on how to be a good internet member is free; second costs $100; third results in permanent discontinuance of service and refusal to accept back as a client. These measures will fix your problem. Jeffrey Race