Okay, tell me if you see what is wrong with this scenario:
- Alice’s computer is infected with the Novarg (Mydoom) worm.
- Alice has some HTML on her computer that includes Bob’s and Charlie’s email addresses.
- Novarg finds those addresses, and send itself to Bob, but uses Charlie’s address in the
From:field. That is, theFrom:address is spoofed. - The oh-so-smart people at Bob’s company have installed anti-virus filters on their email system.
- These filters detect the Novarg virus in the email sent from Alice’s computer (which appears to be from Charlie).
- It is well known that the Novarg virus spoofs the
From:address. - These filters send a ‘bounce’ email back to the spoofed sender telling them the email they just sent contained Novarg.
- Charlie gets this stupid bounce message (infact, he eventually gets hundreds of them); not just because Alice has a virus, but because of the stupid email filters at Bob’s company.
Now, listen up all you oh-so-smart email administrators, and all you oh-so-smart anti-virus programmers. GET OFF MY INTERNET!

5 Comments
you forgot to draw the dude’s chair.
The Super-Internet-Dude don’t need no stinking chair. Or, maybe I just forgot to draw it.
Hear hear! I am sick of getting 300 emails a day say that I have sent a spam!
Those who can do, those who can’t; administrate :-(………
After proudly spending an entire career as the natural enemy of IT dudes and refusing to let them go near my computer……in my current job, I find they have remote software to install stuff when I am unaware (Orwell turns in his grave).
leave me alone