Late last week my mailbox started being hit by VIRUS/SPAM\nat the rate of one item every 20 seconds. I attribute the\nproblem to using a genuine email address in the MS News\nGroups. Before I get into this, I should explain why I\nstill use a genuine box.\n\nMy email account above is one of many owned by me and is\none of my oldest. Therefore I get a very high ratio of\nSPAM to genuine content. Still I like to be contactable\nparticularly by past associates so I struggle on with it.\nAT&T provide some very useful filtering tools. They also\nallow you to direct SPAM as detected by Brightmail to a\ngraymail folder, i.e. you never see it.\n\nI also use a tool to pre-vet the mail before downloading.\nThis tool checks mail against lists of known SPAM senders\nas provided by SPAMCOP and others and gives me the chance\nto delete or bounce mail without even downloading it.\n\nThe VIRUS/SPAM lines were eliminated by none of these\ndefenses.\n\nOn examination it would appear that they are related to a\nvirus named Gibe-F and Swen. This arrives as an e-mail\nattachment masquerading as a security patch.\n\nIt exploits vulnerabilities in Internet Explorer that most\nof us more responsible people have patched already. Users\nopening the e-mail get a message saying, "This will nstall\nMicrosoft Security Update. Do you wish to continue?" But\nexperts say the worm installs itself even if the user\nclicked "No".\n\nOnce an attachment carrying the virus is opened, the Gibe\nworm starts spreading and producing authentic-\nlooking 'install and update' windows.\n\nWhile doing so, it searches hard drives for e-mail\naddresses and begins mass mailing out additional copies of\nitself and attempts to render inactive existing security\nand anti-virus products, opening users up to future\nvulnerabilities.\n\nSo it would seem that I was being targeted by infected\ncomputers running in networks connected to ISP's all\naround the world: Germany, France Netherlands, Canada, USA\n(5) and Australia.\n\nWhat I found puzzling was why my email address would be\nfound on the PC hard drives of so many computers around\nthe world. Then it occurred to me that it must be related\nin some way to my having used it in these News Groups.\n\nPerhaps there are many users out there who read from these\ngroups and details get left behind in the download cache.\n\nAnyhow I was able to set up a filter at AT&T that filters\nout and rejects all of this mail but with some risk in\nrejecting genuine mail. So I will continue on with my long\nserving email address. I do understand however why others\nmay choose not to risk a genuine email address.\n\nQuestion: Has anyone else had similar experiences?\n\nQuestion: In an open news group like this one you can say\njust about anything you like, but you need to be\nidentifiable just in case you slander someone. How then is\nthis going to work if everyone uses false email addresses?\n\nQuestion: The current mail system is based on a standard\nRFC821 developed twenty two years ago. It seems totally\nout place in a modern world. What is being done and what\ncan be done to rectify this problem?\n\nQuestion: When your mailbox is being bombed by this sort\nof malicious material, should the Internet Service\nProviders be allowed to do a Pontius Pilot and wash their\nhands of the problem?\n\nThe lines are open.