<!doctype html public "-//W3C//DTD W3 HTML//EN">
<html><head><style type="text/css"><!--
blockquote, dl, ul, ol, li { padding-top: 0 ; padding-bottom: 0 }
--></style><title>follow up on earlier messages</title></head><body>
<div>Our apologies for the emails you have received from Janet Fischer
which were a result of a virus -- another machine took over Janet's
email address and generated the messages (called spoofing).
Unfortunately because Janet is a moderator of the postdoc list, these
messages went through to the list - as soon as we noticed we shut down
her computer and we are taking steps to correct this
immediately.</div>
<div><br></div>
<div>Below is information from Computing Help which explains why the
message appeared to come from Janet.</div>
<div><br></div>
<div>Again, sorry for the inconvenience,</div>
<div>Marilyn and Janet</div>
<hr>
<div><br></div>
<div>The "From" address in e-mail is comparable to the
return</div>
<div>address on a piece of snail mail. It can be set to whatever
the sender</div>
<div>desires, and is not necessarily accurate.<br>
<br>
Spam, including virus spam, often forges the "From" header
in</div>
<div>e-mail so that it appears to be coming from someone who has no
relation to<br>
the mail itself. Often, viruses will pick a random address in
the<br>
address book of an infected user, set that as the
"From"</div>
<div>address of the mail, and then pick another random address to send
the message to.<br>
</div>
<div>These messages should generally simply be ignored. Replying
to</div>
<div>the sender is not useful, since it is likely forged. The
same applies</div>
<div>for bounce messages that claim you sent spam to someone else.
A virus<br>
likely set your e-mail address as the "From" line, and
the</div>
<div>recipient's mail server sent mail to you to tell you this, even
though this is<br>
useless.<br>
<br>
If you know the spam or virus is coming from an MIT machine (as<br>
indicated in the headers by the originating host, NOT the sender's<br>
e-mail address), you can forward the message, without attachments,
to</div>
<div><a href="mailto:security@mit.edu">security@mit.edu</a> with a
note indicating this. Be sure to include the</div>
<div>full headers of the message. Network Security will then
look into</div>
<div>it and inform the owner of the infected machine, and possibly
disable</div>
<div>network service to the machine.</div>
</body>
</html>