I have taken the time to construct a form letter that I post to the admin of the netblock of each IP address, which is usually reported in the whois information (do a whois <IP address> to find out). Usually I ignore the Korean and Chinese blocks, as (a) I haven't had much success from them, and (b) my somewhat bigoted opinion is that they're usually not concerned about securing their networks anyway. I'm happy to be proved wrong, though.

I take the point of view that network security is everyone's responsibility, and the Patrician's point of view that the first thing to do with a problem is to make it someone else's. While I've had very few responses, I've seen quite a few net blocks tightened up afterward (or so says nmap). As I see it, the real problem with internet security is that too few people complain; it means that the slack sysadmins out there never get educated. (Which, of course, therefore proves that I should be emailing the Korean and Chinese sysadmins most of all, whichI shall ruminate on). It only takes a minute or two, and you can always defend the time expenditure to management as defending your website.

But that's just my opinion.

Paul