This is the contents of an email that arrived in my "bulk mail", with the message title the same as my thread title.

"Recipient of the infected attachment: PKSERVER01, First Storage
Group\Mailbox Store (PKSERVER01), Lyn Plant/Inbox
Subject of the message: HELLO
One or more attachments were quarantined.
Attachment document.zip was Quarantined for the following reasons:
Virus W32.Novarg.A@mm was found in document.scr."

Interesting. I have been treated to three MyDoom infected emails so far, but I have only opened these fellows under linux. I did not do anything with the attachments in any case, and certainly not under windows. I use a web based email system and browse with java and javascript enabled - and I believe this PKSERVER01 is my buddy Pat Keegan. Have I fallen for a script trap and propogated this virus ? I read nothing about this behaviour when I was reading up on it.

Edit : I have read the description again and I now believe that my email address has been used as a spoof address .... I think that both Pat's address and mine were in an address book and my address was used against him. One of my bungling windows friends has put me in the frame !! How will I explain this to Pat ?

You are so lucky you keep getting the virus. I havent get it so far, at least to take a look at it. Can you please forward it to me? ".com"

Sent.

What the heck are you talking about? Do you WANT the virus? And to the original poster: What is the point of this post? It isn't LQ's fault that a virus was on THEIR email.

I wanted people in the know to confirm or otherwise clarify my suspicions. I wasn't accusing LQ of being at fault in any way.

With SMTP protocol you can set sender's address to anything you like.
I think mail was send from someone else's computer who has you in their contacts.

Do you at least understand what he is talking about?

Is that above statement referring to me? If it is, I am just stating that there is no reason to post that information on this site, because it has nothing to do with LQ. All it does is create unnecessary confusion and worry. If not, ignore everything I just said.

Ignoring is NOT the best policy in most cases.
Like with this virus : There IS a quite legitimate reason , why one would want to recieve a certain virus ;
Namely , to figure out what makes it tick and thus be able to come up with a defense for it.
Knowledge will always be the best weapon against malicious acts like this.
Knowledge is NEVER to be considered as "wasted time".
Knowledge is power.

Whatever. We already have professionals doing it

And we already have professionals for administrating computer-systems.
Do you imply , we shouldn't try to figure it out for ourselves either?
If so : WHAT THE *(Insert your favorite verb , noun or other derogatory term here) are you doing here?

Okay, fine, there is no way out of this. I retract my statement.

Yes, you are correct. Your address was spoofed. I have been getting 4 or 5 emails like that a day, stating that the mail I sent was not delivered. Proviously, with the sobig, my ISP, or some bonehead there, emailed me threatening to suspend my account due to the volume of virus emails my computer was sending. I copied their main IT in a reply with the following questions.

1) Which version of Linux is vulnerable to this virus, I don't have or run Windows?
2) Do you know how easy it is to spoof an email address?

Never heard a peep.

R.O.

You can still see the original IP of sender. I think it's possible to fake IP as well but virus
can't do that(I think).

Also, don't think anything bad about your friend yet. It's extremely likely that he got the worm, and the worm emailed itself to his contacts.