Forum Moderators: phranque

Virus ? Or DOS ?

Any help is really appreciated

         

Visit Thailand

3:10 am on Jun 28, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I am not sure if this is the right section.

This morning I have been receiving an average of 200/300 emails an HOUR !! All seemingly from the same person and all attached with the virus W32.Yaha.F@mm

Is anyone else having problems with this virus or could this be some form of DOS attack ?

Any ideas and suggestions are appreciated. NAV and NIS detect the virus and quarantine it but this sheer number of emails is very worrying.

Thanks

Somkiat

deejay

3:12 am on Jun 28, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Get hold of your ISP and get them to block the sender from your mailbox for a start. There's no reason to put up with that.

Visit Thailand

3:23 am on Jun 28, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Thanks Deejay - You mean my ISP or the host I use to host the site ? The emails are coming in on two of one of our site's addresses.

Plus how do I find out the sending address, without opening the email ? I am always concerned about opening such an email even if the virus has been quarantined ?

Thanks

Somkiat

deejay

3:35 am on Jun 28, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



In MS Outlook you can right click on the name/address in your inbox and click 'options' in the box that pops up. Have a look through and it will show you the sender's address.

If not using an MS product, right clicking on the name/address should allow you to see the address through one option or another.

It is likely that it is safe to open the email though, as it sounds as if the virus is coming in as a standard attachment and your AV software is quarantining it. If a virus comes in as a standard file attachment, there is no danger in opening the email itself - just don't open the attached file.

Contact whoever holds that email address for you - if it's using the same domain name as your site then probably your hosting company I imagine? I've found they can be a bit snippy about blocking an address, but if you point out the number of infected emails coming in and be firm about it they should take action on it.

deejay

3:39 am on Jun 28, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



[europe.f-secure.com...]

It looks like this is the nasty you're receiving. If it fits the description F-Secure gives here, then it is quite safe to open the email itself (it's not activated by opening the email like Badtrans was), but don't open the file attachment that will be in the email.

Visit Thailand

3:45 am on Jun 28, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Wow thanks ! I did not know you could right click like that thanks !

I have now sent an email to the address and also their ISP and my host so should get the problem resolved soon.

Thanks again for your help Deejay

Somkiat

mack

6:11 am on Jun 28, 2002 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



I think you did the right thing to notify their ISP; that way they will be able to look into it further. You may find that the person who owns the address you received the email from is totally unaware that this has happened. It is very common for spam bots to crawl websites looking for open send mail channels that they can exploit to send spam and virus infected emails. But if this is the case I'm pretty sure the ISP concerned will look into it and trace it back.
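Added example, not part of the thread or any poster's code: reading only the headers of saved raw messages shows the claimed sender and the connecting relay without decoding the body or attachment, and tallying by relay and hour gives the figures an ISP or host needs to act on a flood. The sample messages, addresses and the `mx.example.org` receiving server are constructed, and the code assumes the topmost `Received` header was stamped by your own mail server.

```python
import re
from collections import Counter
from email.parser import HeaderParser
from email.utils import parseaddr, parsedate_to_datetime

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def summarize(raw):
    """Parse headers only; the body and any attachment are never decoded."""
    msg = HeaderParser().parsestr(raw)
    received = msg.get_all("Received") or []
    # Assumption: the topmost Received header was added by our own server,
    # so its bracketed IP is the host that actually connected to us.
    top = received[0] if received else ""
    ip = IP_RE.search(top)
    hour = None
    if ";" in top:
        try:
            stamp = parsedate_to_datetime(top.rsplit(";", 1)[1].strip())
            hour = stamp.strftime("%Y-%m-%d %H:00")
        except (TypeError, ValueError):
            pass  # unparseable timestamp: leave the hour unknown
    return {
        "from": parseaddr(msg.get("From", ""))[1].lower(),  # sender-controlled
        "return_path": parseaddr(msg.get("Return-Path", ""))[1].lower(),
        "relay_ip": ip.group(1) if ip else None,
        "hour": hour,
    }

def flood_report(raw_messages, threshold=3):
    """Return (relay IP, hour) pairs with at least `threshold` messages."""
    counts, claimed = Counter(), {}
    for raw in raw_messages:
        s = summarize(raw)
        key = (s["relay_ip"], s["hour"])
        counts[key] += 1
        claimed.setdefault(key, set()).add(s["from"])
    return {k: {"count": n, "from": sorted(claimed[k])}
            for k, n in counts.items() if n >= threshold}

def sample(frm, ip, minute):
    """Build one constructed raw message (reserved example domains and IPs)."""
    return (f"Return-Path: <{frm}>\n"
            f"Received: from host (unknown [{ip}]) by mx.example.org; "
            f"Fri, 28 Jun 2002 03:{minute:02d}:00 +0000\n"
            f"From: Someone <{frm}>\nSubject: constructed sample\n\nbody not parsed\n")

SAMPLES = ([sample("a@example.com", "203.0.113.7", m) for m in (1, 2, 3)]
           + [sample("c@example.com", "203.0.113.7", 4),
              sample("b@example.net", "198.51.100.9", 5)])
```

Several different From addresses arriving through one relay IP in the same hour suggests the From line is not a reliable identifier, so the relay IP and timestamps are the details to pass on.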

Visit Thailand

6:27 am on Jun 28, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Yes it seems to have stopped now which is a relief !!

As the ISP is in Singapore a very strict country, I am sure they will look into it but as you say sometimes the sender is not even the sender or they are totally unaware.

Even still, it is highly unusual for an infected computer to send 200 / 300 emails an hour out !!

We get affected by all the viruses but they come from different people and at irregular times. This one is a little suspicious.