How do I find out who is sending infected emails ?

  Indigo 1 17:49 30 Jan 2005

I am recieving the Netsky-P virus on a daily basis but the source is unknown, I would like to inform the person responsible so that they can take action against it (I assume they are unaware)and also to make sure my PC is not continually infected. I am using Outlook Express with Preview Pane off.

I have tried to find out where it is from (after deleting virus) by right clicking on the message then clicking Properties then clicking on the Details tab and clicking Message Source, but It tells me it is an unknown source. Is there any way to identify the source ?

  Stuartli 17:54 30 Jan 2005

It's very unlikely you will be able to find out - best to keep AV up to date.

However, the source for the virus may well be completely unaware of the problem being caused when sending e-mails.

  Indigo 1 18:05 30 Jan 2005

It is as I suspected then, but still very annoying.

BTW I have noticed that it would not be difficult for an unscrupulous person to harvest email addresses from forums such as this one for the puposes of spamming or sending virus' etc, they would then be very difficult to track down.

  Brian-318590 18:37 30 Jan 2005

try emailing everyone in your address book and telling them to check it worked for me

  Indigo 1 18:41 30 Jan 2005

Already tried that but everyone denies it is them.

  lotvic 19:06 30 Jan 2005

If the sender is unknown...(which seems strange)... why you are opening the email? I always delete without opening if I don't know who it is from.

OE > leftclick the email to select it (don't open it) > go to 'Message' on toolbar at top > Block Sender

Then see which one of your contacts complains when their emails are sent back to them!

  Indigo 1 19:12 30 Jan 2005

I never open emails from unknown sources either but whenever an infected email is detected Avast4 notifies me and gives me the choice to delete it.

Once the infection is deleted I can then view the source details etc.

According to this site, click here the worm will generate an unknown source header with strings of random numbers to prevent detection.

  Indigo 1 19:14 30 Jan 2005

I meant to add that blocking the sender does not work due to the random generating of source I.D's

  VoG II 19:15 30 Jan 2005

Use Mailwasher click here and delete them off the server.

  Indigo 1 17:39 31 Jan 2005

I will give it a go.

I have always shyed away from using Mailwasher due to it's clumsy (maybe even heavy handed) techniques and also because it means using an extra app to get access to my email.

I still doubt it's efficacy for the purpose of 'Bouncing' these particular emails as they have a randomly generated I.D.

But it is worth a try.


  octal 17:50 31 Jan 2005

What ever you do, don't bounce emails, it'll open the floodgates for more spam by confirming your address.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

iMac Pro review

Illustrator Charles Williams on how to create magazines and book covers

iMac Pro review

Les meilleures prises CPL (2018)