When you receive an e-mail containing a virus, the "from" address is almost always fake, chosen from the address book of the infected computer. So just because there are e-mails that appear to be coming from R. Brekne, that does not mean that they came from there. They could have been sent from anyone who happens to have his e-mail address in their computer. A more reliable indicator of where a virus came from is the originating IP address in the header, like 206.168.112.96 which represents "bridget.rudoff.com", which is where the pianotech digest e-mails come from. (You may have to dig a little to see that header, depending on what e-mail program you use.) So what can you do with an IP address? Well, you can try to look it up using one of the reverse lookup sites, such as: http://cello.cs.uiuc.edu/cgi-bin/slamm/ip2name I use it so much I have it bookmarked. If the e-mail came from a subscriber to a big ISP, then the lookup can tell you which ISP it was. I can't identify the subscriber, because IP addresses are reused by all the subscribers to a given ISP. But if the lookup says "mail.broadpark.no" then you can suspect that maybe it did come from R. Brekne. Of course, if the lookup gives you "mail.yahoo.com" then the field of possible senders is much larger. All that being said, it seems that most of the virus e-mails that I have been getting lately are coming from IP addresses for which the reverse lookup fails. Oh well.. Robert Scott Ypsilanti, Michigan
This PTG archive page provided courtesy of Moy Piano Service, LLC