Seriously, there has to be a way to get these ISPs to care. The ISPs seem like such a single point of success for blocking so much of the malicious traffic that's coming from zombie home user DSL/cable connected PCs.

Why can't they block SMTP on their residential user subnets? Are home users really allowed to "run mail servers"? And why leave open 135, 137, 445, etc. Couldn't these ports be "open by request to ISP" instead? Would make it more labor intensive for malicious users to harass the world.

If ISPs were just good neighbors and instituted some reasonable policies, it would help to squash the spam-sending, viri-propogating, DDoS-running zombie organized crime botnets taking advantage of every insecure XP Home connected to a nonfirewalled Cable modem.

(and, within the last week or so, IPs in austrailia sent me at least two highly targeted phishing e-mails to my consumer DSL e-mail address)