ISPs need to do more to reduce the amount of spam and viruses that flow through their networks. It's a common call these days, and it seems to be having an effect. Given that four out of five emails are spam, and over 50 percent of spam comes from about 20 ISPs, it's about time they took some action and I'm happy to report that there is progress.
For example, IT Week Labs' ISP, which is BT, started probing our mail servers to check they were not accidentally configured to allow spam to be relayed through them – they were fine.
It's a simple enough thing for an ISP – they need only try to send mail to themselves via our servers. If their mail gets through, so would mail from spammers. I wish I could tell you about the work being done by other ISPs, but such measures are not the sort of things ISPs shout about. I only noticed this change by inspecting the mail server logs.
Incidentally, BT is not the only organisation that scans our servers in this way. Several other legitimate companies do the same, plus a few others that are most likely spammers looking for a poorly configured server to hijack. Most of the spammers are probably dial-up customers that have inadvertently become part of a spammer's botnet.
According to one expert I spoke to recently, 80 percent of spam now comes from compromised computers. And, in fact, one of the systems scanning our servers was a BT customer, and their computer was probably compromised. I guess BT could examine all email traffic looking for these "open relay" errors and take some action against customers that generate them. Sounds like a job for the open-source ngrep network monitoring tool.
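The relay probes described above show up in mail server logs as rejected relay attempts. The following is an added example, not part of the original column: it assumes Postfix-style "Relay access denied" reject lines (the column does not name the mail server), and the sample log, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in Postfix's reject-log style (assumption: the
# column does not say which mail server software is in use). Addresses use
# documentation IP ranges and example domains.
SAMPLE_LOG = """\
Mar  3 09:14:02 mx1 postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 <relaytest@isp.example>: Relay access denied; from=<relaytest@isp.example> to=<relaytest@isp.example> proto=SMTP helo=<probe.isp.example>
Mar  3 11:40:51 mx1 postfix/smtpd[2188]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 <a1@mail.example>: Relay access denied; from=<offers@shop.example> to=<a1@mail.example> proto=SMTP helo=<pc>
Mar  3 11:40:52 mx1 postfix/smtpd[2188]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 <a2@mail.example>: Relay access denied; from=<offers@shop.example> to=<a2@mail.example> proto=SMTP helo=<pc>
Mar  3 12:02:17 mx1 postfix/smtpd[2240]: connect from mail.partner.example[203.0.113.5]
"""

REJECT = re.compile(
    r"reject: RCPT from \S*\[(?P<ip>[^\]]+)\]: .*?Relay access denied; "
    r"from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>"
)

def domain(addr):
    """Return the lower-cased domain part, or '' for a bare name like 'root'."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def summarize_relay_probes(log_text):
    """Group rejected relay attempts by client IP.

    Returns {ip: {"attempts": n, "recipients": set, "self_addressed": bool}}.
    self_addressed is True when every attempt used the same domain for sender
    and recipient, the pattern of a tester mailing itself through the server.
    """
    probes = defaultdict(
        lambda: {"attempts": 0, "recipients": set(), "self_addressed": True})
    for line in log_text.splitlines():
        m = REJECT.search(line)
        if not m:
            continue  # not a rejected relay attempt
        entry = probes[m["ip"]]
        entry["attempts"] += 1
        entry["recipients"].add(m["rcpt"])
        same = bool(domain(m["sender"])) and domain(m["sender"]) == domain(m["rcpt"])
        entry["self_addressed"] = entry["self_addressed"] and same
    return dict(probes)

if __name__ == "__main__":
    for ip, info in summarize_relay_probes(SAMPLE_LOG).items():
        kind = "self-addressed test" if info["self_addressed"] else "third-party relay attempt"
        print(f"{ip}: {info['attempts']} rejected, {kind}")
```

Because the envelope sender is unverified, the self-addressed flag is only a hint that a client behaves like a relay tester, not proof of who is behind it.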
BT also seems to be using another approach to fight spammers. A few weeks ago I noticed that the normal stream of server status email messages had stopped arriving at my inbox. It turned out that BT had started bouncing these messages because our servers listed "root" as the originator. Previously, email claiming to have been sent by "root" was delivered anywhere we wanted it to go, which was handy but speaks to the heart of the problem with spam, which is that many mail servers accept mail without checking whether the sender's details are correct.
The problem with "root" is that there is no "@domain.com" element to the address, which means spam filters cannot identify spam by looking at the sender's details.
Experts say there are many other measures that ISPs could easily take to reduce the amount of spam transmitted – simple things like limiting the number of messages from residential customers to 100 per day, and blocking TCP/IP port 25 for home users.




