Hi, Malcolm

Here's what usually happens:

When a virus infects a person's computer, it tries to replicate itself by
sending copies of itself to others. Its source of email addresses is naturally
the contacts lists in the infected computer. That's the basis of all mail worms
(this type of virii).

To hide its tracks, some worms insert random names from the same contact list
in the "FROM:" field. This is called spoofing. The result is that the infected
email appears to be sent from a totally innocent person. Sometimes, the worm
inserts the same name in the "FROM:" and "TO:" fields. This results in your
bizarre situation, that you appear to have sent yourself an infected mail.

So the hi-jack has only taken place in some poor sod's infected computer, and
you're not to blame at all. In fact, most ISPs have stopped bouncing notices
like the one you received because of spoofing.

You can, however, make a qualified guess as to who _really_ sent the mail by
looking at the message source code. In there, you will find the IP address of
the computer that sent the mail. The IP-address can be looked up to see who
owns it. If the IP address is registered to a single person, you've nailed the
culprit. Typically, however, the owner will be an ISP. They usually have a pool
of IP addresses that are shared out to its subscribers as needed. So what you
_can_ do then, is to report the incident with source code and everything to the
ISP, and hope that they are kind enough to investigate and notify the right
subscriber about the infection. 

The easiest thing is probably to just delete the mail and hope that the poor
infected user finds out asap.

hth,
Jostein

Quoting Malcolm Smith <[EMAIL PROTECTED]>:

> I must hate me. Apparently, I have just tried to send myself a virus - which
> of course I haven't, my anti-virus is fine and my computer checks out OK.
> 
> So how do e-mail addresses get hi-jacked for this sort of nonsense? Can
> anyone point me at a suitable website to find out how? 
> 
> Many thanks,
> 
> Malcolm 
> 
> > Dear Customer
> > 
> > An e-mail addressed to you was intercepted by our mail 
> > systems because it contained a known virus. We have deleted 
> > the e-mail and the virus so that it poses no threat to your computer.
> > 
> > The name of the virus was Worm/Netsky.D.Dam worm The address 
> > it appears to have been sent from is [EMAIL PROTECTED]
> > 
> > What do you need to do?
> > The virus has been identified and deleted, therefore you 
> > don't need to do anything. If you know the person who the 
> > infected mail appears to have come from, you may wish to 
> > forward the details to them. However, this is entirely up to you.
> > 
> > Please note, that we do recommend that you always run 
> > up-to-date virus protection on your own computer. No system 
> > is 100% effective and although the protection we offer will 
> > remove a significant threat from viruses, it is vitally 
> > important that you protect your computer as well.
> 
> 
> 




----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
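
The header check described in the reply above, as an added example that is not part of the original thread: it walks the "Received:" lines of a message source from newest to oldest and reports the address that the recipient's own mail servers recorded for the outside sender, ignoring older lines that the sender could have forged. The sample message, host names, addresses and the function names `hops` and `sending_ip` are all constructed for illustration.

```python
import email
import ipaddress
import re

# Constructed sample of a spoofed message as delivered. Every name and
# address is made up (documentation ranges only).
RAW = """\
Received: from mx1.isp.example (mx1.isp.example [192.0.2.10])
\tby mailstore.isp.example with ESMTP id A1; Mon, 1 Mar 2004 10:00:05 +0000
Received: from somepc (dsl-77.pool.provider.example [203.0.113.77])
\tby mx1.isp.example with SMTP id B2; Mon, 1 Mar 2004 10:00:03 +0000
Received: from mail.innocent.example ([198.51.100.5])
\tby somepc with SMTP; Mon, 1 Mar 2004 09:59:00 +0000
From: malcolm@innocent.example
To: malcolm@innocent.example
Subject: Re: Your document

see attachment
"""

# "from <helo> ... [<ip>] ... by <server>" inside one Received header.
HOP = re.compile(
    r"from\s+(\S+).*?\[(?:IPv6:)?([0-9a-fA-F.:]+)\].*?\bby\s+(\S+)", re.S)

def hops(raw):
    """Return (helo_name, ip, recording_server) per hop, newest first."""
    msg = email.message_from_string(raw)
    found = []
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m:
            found.append((m.group(1), ipaddress.ip_address(m.group(2)),
                          m.group(3)))
    return found

def sending_ip(raw, trusted_suffix, trusted_nets):
    """Address of the outside host that handed the mail to our own servers.

    Only lines written by servers under trusted_suffix are believed. The
    first address outside trusted_nets is the boundary; everything older
    was supplied by the sender and is not evidence.
    """
    for _helo, ip, by in hops(raw):
        if not by.endswith(trusted_suffix):
            return None          # line not written by a server we trust
        if not any(ip in net for net in trusted_nets):
            return ip            # first outside host seen by our servers
    return None
```

The address returned is the one to look up and report to the owning ISP; the forged `198.51.100.5` line below it is never consulted.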
