Why am I getting these virus emails if my computer's not infected?

The last week of January 2004, the MyDoom virus was discovered. ITS knew of it early on and updated its email filtering. To date very few machines were infected, but most people at Bethel and around the world were impacted by a secondary effect. Emailers received several "returned" emails to notify them of a detected virus or a failed delivery notice to addresses they were unfamilar to them.

This secondary effect is due to the detection avoidance strategy that the virus uses. It sends out infected email after inserting addresses found on the infected computer into the From fields. This makes it look like the email is coming from someone other than the person with the infected machine. This is called spoofing.

This means that when the remote email server detects the virus and tries to send a virus alert message, the message doesn't go back to the original infected computer, but to the addresses that the virus spoofed into the From: fields. If your address is in an address book of someone with an infected computer, you and the others from her or his address book will get the virus alerts and undeliverable notices.