>I also have been getting them. >I sent an e-mail to postmaster@domain Ok folks, this is a virus, been around for a while. Look at the attachment size, should be between 75 and 77 KB in size. And the best thing to do is delete the virus message and NOT send a message to the postmaster of "nowhere.domain.com". I have spam/virusblocker on at Earthlink and I receive about 10 of them a day. I don't even bother to figure out where my address came from, but it has to be someone running WindowsXX as this is the affected operating system. >I doubt the user who subscribed is to blaim. >If anyone knows who he/she is, it would be courteous to let him/her >know that they should perhaps use a different e-mail address. I doubt that it is someone on this list, but it is possible because some of our members use Windows. The best thing is to obtain a virus checker (we have ClamAV with AVG which I definately support) and run it frequently. My system at work runs a check against the directory that I use and download files to on a daily basis and I have download file check turned on. I check the entire system on a regular basis. Also, I update the virus definitions on a daily basis to keep up with the nasties.... BTW: The virus usually is named: W32.Sober.I@mm!enc With most of the latest viruses incorporating SMTP engines, the from address is spoofed. When a virus message is sent to "someone@xxxxxxxxxxx", the message bounces back to you. Also messages are sent directly from the SMTP engine but the sender is spoofed to be a postmaster address. Lastly I recommend visiting the SARC, which is ran by Symantec. Pay a visit to www.symantec.com and following the links. -- James McKenzie James McKenzie A Proud User of Linux!