Security Update
 

News about the SoBig Virus:

Some of you have recently received bounces for messages you did not send. These messages fit a pattern that is occurring throughout the Internet.

There are actually a couple of scenarios at work now, but primarily these messages are caused by a self-propagating worm (Sobig.F) that forges the From address, using the address of a randomly selected innocent party. The original messages (and therefore the worm) are not sent from our servers -- they do not even pass through our network. Similar methods are used to distribute spam.

SMTP, the protocol used to send messages, has been essentially unchanged since its inception in the 1970s. At that time no one foresaw the need to confirm or authenticate the From address. Unscrupulous people are exploiting this.
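As an added illustration (not part of the original notice), one way to check a bounce like those described above is to read the Received headers of the message it returns and see whether any hop names your own mail relays. The relay hostnames and the sample bounce below are constructed assumptions.

```python
import email

# Assumption: hostnames of your own outbound relays (hypothetical names).
OUR_RELAYS = ("mail.example.net", "smtp.example.net")

# Constructed sample bounce (not a real message): the returned message names
# our user in From, but its only Received hop is an unrelated host.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.recipient.example
To: alice@example.net
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

The attached message could not be delivered.
--b1
Content-Type: message/rfc822

Received: from unknown-pc (dsl-203-0-113-7.isp.example [203.0.113.7])
\tby mx.recipient.example with SMTP; Wed, 20 Aug 2003 10:00:00 -0000
From: alice@example.net
To: bob@recipient.example
Subject: Re: your message

Please see the attachment
--b1--
"""

def returned_message(bounce):
    """Return the original message (or its headers) embedded in a bounce."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_payload())
    return None

def triage(raw, our_relays=OUR_RELAYS):
    """Say whether the message a bounce returns ever crossed our relays."""
    original = returned_message(email.message_from_string(raw))
    if original is None:
        return "unknown"      # bounce carries no original headers
    hops = [" ".join(h.lower().split()) for h in original.get_all("Received", [])]
    if any(relay in hop for hop in hops for relay in our_relays):
        return "ours"         # a hop names our relay: check that account or PC
    return "forged"           # From names our user, but no hop is ours
```

Received lines below the hop added by the bouncing server are written by whoever sent the message, so confirm an "ours" result against your relay logs before acting on it.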

You are not being singled out and there is no reason to believe that this maliciousness is specifically targeted at you. Here is a short list of people who are vulnerable to having their address forged as the From address of an email message:

  • Anyone who has ever received spam
  • Anyone whose email address is saved in someone else's address book - anywhere in the world.
  • Basically, anyone who has an email address.

Frustration about this problem is growing at the highest levels of government and the Internet industry. There are proposed bills in both the House and Senate that many believe will pass this fall. Even with legislation, however, investigation and enforcement will be the major hurdles.

Many believe, and we agree, that the only viable solution is a revision of the email protocol itself. There is a growing movement in support of such changes. The revision of SMTP is the easy part. Getting the rest of the world to adopt the changes will be a major undertaking. It may involve a worldwide preparedness campaign similar to the effort engaged for Y2K.

For more information about the prolific nature of Sobig.F visit:

http://zdnet.com.com/2100-1105_2-5066444.html

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100561


 

What you can do about the SoBig Virus

 

If you use an auto-responder to acknowledge email messages, please turn it off for now, as auto-responders magnify the traffic created by the worm.

If you want to make sure you're not infected with Sobig.F, search for a file called WINPPR32.EXE. If you find the WINPPR32.EXE file, then you are infected.

The Symantec removal tool is available here:

http://www.symantec.com/avcenter/venc/data/w32.sobig.f@mm.removal.tool.html

 

Thank you again for choosing Dnet.