About Spoofing Viruses and Worms

If you received unexpected e-mail from an e-mail address at dannyg.com, or if you received a notification that an e-mail message from that domain was intercepted and cleansed of a virus-infected file, then be aware that the message did not originate from my domain.

That message was sent by a virus or worm running on someone else's computer. Recent virulent worms include variants of the Klez and Sobig worms; to see the latest outbreak and how widely it has spread, visit Symantec's Security Response page. As you read the details, you'll see that these worm classes insert e-mail addresses found on the infected user's machine as the "From:" address of the message, and that the "To:" address is culled from the same machine. Addresses are pulled primarily from two sources: the user's e-mail address book and Web pages cached in the C:\Windows\Temporary Internet Files directory. Nothing in Internet mail delivery checks the "From:" line against the computer that actually sent the message; it is just text the sending program writes, so a worm can put any harvested address there. The only reliable record of where a message entered the mail system is the chain of "Received:" headers, and in particular the one added by your own mail server, which names the host that really delivered it.

A couple of e-mail addresses from my domain appear on pages of my Web site. I'm fortunate that my Web site is a popular destination for people interested in the technologies I write about, but this also means that my pages (and the e-mail addresses on them) are sitting in browser caches on a lot of PCs around the world. That's why you received the spoofed message, or the notification about one.

Most worms and viruses are spread by way of e-mail attachments that take advantage of the huge installed base of Windows e-mail clients and operating systems. The size of that target population and its frequently exposed vulnerabilities are simply too attractive to virus creators.
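Added example (not part of Danny Goodman's original page, and not code from any worm or from Symantec): a small Python script that puts the two points above into practice on a message. It walks the "Received:" headers of a constructed worm-style message to find the host that actually handed it to the recipient's own mail server, ignores any hops below that point because the worm's own mail engine could have forged them, compares that host with the domain in the forged "From:" line, and lists attachments with executable-type extensions. The hostnames, IP addresses, trusted-server list, boundary string and the message itself are all made up for the example; the only dannyg.com content is the forged sender the page describes.

```python
"""Added example: trace where a worm-forged message really came from.

The From: line is just text the sending program wrote, so a Klez/Sobig-
style worm can put any harvested address there.  The only record of where
the message actually entered the mail system is the chain of Received:
headers, and only the ones stamped by servers we run ourselves count as
evidence; a worm's own SMTP engine can prepend fake ones below them.
Hostnames, addresses and the message below are constructed for this
example, not captured traffic.
"""
import email
import os
import re
from email import policy
from email.utils import parseaddr

# Mail servers we operate (constructed); only Received: lines they added
# are trustworthy.
TRUSTED_MX = {"mx.recipient.example"}

# Attachment types the 2003-era mass mailers favoured (illustrative list).
RISKY_EXTENSIONS = {".exe", ".pif", ".scr", ".bat", ".com", ".cmd", ".vbs"}

# Constructed sample: an infected home PC delivers straight to our MX,
# forges a dannyg.com sender, and adds a fake Received: line below ours
# claiming the message passed through a dannyg.com server.
SAMPLE_MESSAGE = b"""\
Received: from pc-1234.dsl.example-isp.net (pc-1234.dsl.example-isp.net [203.0.113.77])
    by mx.recipient.example (Postfix) with ESMTP id 1A2B3C
    for <victim@recipient.example>; Tue, 26 Aug 2003 09:14:02 -0700
Received: from mail.dannyg.com (mail.dannyg.com [198.51.100.5])
    by pc-1234.dsl.example-isp.net with SMTP id 999
    for <victim@recipient.example>; Tue, 26 Aug 2003 09:13:58 -0700
From: someone@dannyg.com
To: victim@recipient.example
Subject: Re: Thank you!
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----worm-boundary"

------worm-boundary
Content-Type: text/plain

Please see the attached file for details.
------worm-boundary
Content-Type: application/octet-stream; name="details.pif"
Content-Disposition: attachment; filename="details.pif"
Content-Transfer-Encoding: base64

TVoAAA==
------worm-boundary--
"""

# "from <host> (<rdns> [<ip>]) by <host> ..." as Sendmail and Postfix write it.
RECEIVED_RE = re.compile(
    r"from (?P<host>\S+) \((?:\S+ )?\[(?P<ip>[^\]]+)\]\) by (?P<by>\S+)"
)


def parse_received(msg):
    """Return (from_host, ip, by_host) per Received: header, newest first."""
    hops = []
    for raw in msg.get_all("Received", []):
        unfolded = re.sub(r"\s+", " ", str(raw))  # join folded header lines
        m = RECEIVED_RE.search(unfolded)
        if m:
            hops.append((m["host"], m["ip"], m["by"]))
    return hops


def origin_hop(hops, trusted_mx):
    """Follow the chain from the newest header down while each line was
    stamped by one of our own servers.  Returns the (host, ip) our server
    saw the message arrive from, plus the number of hops below that point
    that we have no way to verify."""
    origin, verified = None, 0
    for host, ip, by in hops:
        if by.lower() not in trusted_mx:
            break
        origin, verified = (host, ip), verified + 1
    return origin, len(hops) - verified


def risky_attachments(msg):
    """Filenames of attachments with executable-type extensions."""
    found = []
    for part in msg.walk():
        name = part.get_filename()
        if name and os.path.splitext(name.lower())[1] in RISKY_EXTENSIONS:
            found.append(name)
    return found


def analyze(raw, trusted_mx=TRUSTED_MX):
    """Summarise the claimed sender, the real delivering host and risky parts."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    claimed = parseaddr(str(msg["From"]))[1]
    claimed_domain = claimed.rpartition("@")[2].lower()
    origin, unverified = origin_hop(parse_received(msg), trusted_mx)
    host = origin[0].lower() if origin else ""
    # A mismatch is strong evidence of forgery but not proof on its own:
    # legitimate mail is sometimes relayed by a provider in another domain.
    matches = host == claimed_domain or host.endswith("." + claimed_domain)
    return {
        "claimed_from": claimed,
        "origin": origin,
        "unverified_hops_below": unverified,
        "origin_matches_from_domain": matches,
        "risky_attachments": risky_attachments(msg),
    }


if __name__ == "__main__":
    for key, value in analyze(SAMPLE_MESSAGE).items():
        print(f"{key}: {value}")
```

Run against the constructed message, the script reports that the sender claims to be at dannyg.com, that our own server actually received it from pc-1234.dsl.example-isp.net, that the one Received: line below ours cannot be verified (it was written by the sending machine), and that the message carries a .pif attachment. The mismatch between the delivering host and the From: domain is the forgery the page describes; the attachment is the payload you should never open.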

Because I do not use a Windows-based e-mail client, nor do I have e-mail configured for any of the Windows machines I use for compatibility testing, I can personally guarantee you that no Windows-centric e-mail worm or virus will ever pass through the dannyg.com domain. I also keep all Windows-based browsers and OSes patched and up-to-date, and I protect those machines from other attacks with continually updated anti-virus software (as I also do for my Macs).

I am as much a victim of each major e-mail outbreak as anyone. Dozens and dozens of infected or cleansed messages (or the spam-like notifications that such-and-such a message was deleted) are directed my way each day. To give you a taste of what my e-mail traffic looks like, here is an analysis of a recent 24-hour log of my server e-mail processing:

Message Type                                               Message Count    Total Bytes
Total Mail                                                           410     13,146,928
Genuine Mail                                                          67        685,303
Spam/Viruses/Worms Immediately Diverted to Server Trash              196     11,409,265
Suspected Spam/Viruses/Worms Intercepted on Server                   134        956,042
Spam That Got Through to Client                                       13         96,318
Total Unwanted Mail                                                  343     12,461,625
Signal to Noise Ratio (genuine as a share of total)                  16%             5%

As you can see, only 5% of the bytes pointed toward me on this day were bytes I wanted to see. While I have customized spam and virus filtering tools on the server to keep most of the garbage away from my personal computer, I wonder what this means to the infrastructure of the Internet, and how much bandwidth is being wasted on utter nonsense (don't get me started on the subject of the spam scourge!).

Back to the subject at hand: The fact that some infected e-mail was aimed toward you means that infected computers are out there, despite the publicity. Protect yourself and your loved ones by acquiring virus protection software (even if you're not a Windows user), and never, never, never open an e-mail attachment that you were not expecting, whether it's "from" your best friend, or some address at dannyg.com.


Entire contents Copyright © 1996-2004 Danny Goodman. All Rights Reserved.