Incarceration is the answer :P
Though definately harder to pull-through....as seen within the spam news forum, regarding the "Shadow" botnet...? And how Kaspersky reported that they were going to figure a way to "issue a patch over the "bot network" to clean up the machines.
Now, I don't know the actual "scale" of this "Shadow" botnet, I've been out of the loop since the CC perf/DDoS issues, and with work, and that's actually the first I even heard of this Shadow Botnet...heh.
But if this is really what went down, that sounds great.
Now the hard part is tracking down the bot-herder(s)/master(s) which could be hard, since Storm alone has found to be linked with "mixed" brands, all over the spectrum, likely due to the herders/masters "selling" bots, etc....
As far as SpamCop - I've noticed this alot recently too, since filing reports manually...in most cases, I'll input a message to the abuse desk at the bottom of the page in the "Notes" area, to let them know to check the timestamps to figure out what customer/computer was logged into their system at that time so they can track it down.
But it's not always that easy...hell, I've had "Panera Bread" abuse desk appear in my spamcop reports.....likely due to an infected laptop, that connected to their public wifi, and was spewing spam messages from an infected laptop on their network.
In that case, there's not much Panera Bread could do, other than maybe port/traffic filtering....? But since this is only a fast-food bread/coffee store, that's kinda unlikely :P