Home | Basic Computer

E-mail Virus Spreading

This article briefly explains how email viruses are spread and shows how it causes some people to receive one of:

  • Non-delivery notices for e-mail that you did not send
  • A notice that an e-mail you supposedly sent contained a virus.

Just because you received an e-mail like this does not mean that you have a virus.  The best thing to do is simply delete the e-mail unless your system is performing strangely or erratically in which case you should scan for and remove any viruses.  See the page about removing viruses at http://www.comptechdoc.org/basic/basictut/removevirus.html for more information.

How people that are not infected receive these types of messages is explained below in this description of how viruses spread.  The below picture shows how a virus begins to spread.

In the lower left corner of the above picture the process of what happens when the virus is sent from the infected computer is shown.  It is as follows:

  1. The virus infected computer sends the virus to the intended recipient.
  2. The e-mail server that the recipient is connecting to (or another server) may do one of the following:
  3. The e-mail server may notify the faked recipient that their e-mail could not be delivered or the e-mail they sent contained a virus.
  4. The e-mail may be delivered to the recipient depending on whether the e-mail server recoginzed the virus in the e-mail and whether it was configured to delete any e-mail that contains a virus.

The person whose sending e-mail address was faked by the virus above will therefore receive notifications that e-mails that they never send contained a virus or an e-mail that they sent (but actually never sent) was undeliverable.

My recomendation to e-mail server administrators is not to notify senders of e-mails that any messages they send do not contain viruses since most viruses today fake the sender of the e-mail.  This will cut down on the confusion added by these messages.