I am receiving hundreds and hundreds of emails per hour. Most
with some variation claiming to be a security patch from Microsoft.

I can't delete them fast enough. They quickly fill up my mailbox,
and my ISP starts to reject all additional, new, email after
that. This includes the few, real, emails I need and want to get.

My ISP is of no help since all these emails are originating from
several other ISP's. They can only suggest sending email to
those other ISP's "abuse" accounts. Well, there is just too many
of them for me to download and try to figure out the headers
(if that is at all really possible).

I really can't keep sitting here 24/7, and doing nothing but deleting
email.

Is there any thing that can done to help a victim like me, from
these types of attacks?

Unfortunately, the answer is no. The flood of e-mails generated by the two lastest nasty viruses, W32/Gibe-F and W32/Swen@MM are being sent from infected machines. And, as the domaine of infected machines grows, then the number of mailings grow exponentially. Ugh.

Of courrse, don't open any attachments and have comfort in the fact it is not you that is the infected one.

More information on the viruses:
http://www.sophos.com/virusinfo/analyses/w32gibef.html
http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html

Sorry about that.

Ah, well, I was afraid of that.

All I can do, I guess, is hope that all these people either clean up there machines, or that their ISP's notice what is going on, and cut off their service (until they do clean up their machine).

One of the benefits of a direct DSL or Cable connection. One can leave their computer connected to the internet, and allow it to attack a full 24/7.

I do, however, want to say "thanks" for replying.

As a related side note, why is it so difficult for ISP's to develop a filter to kill all email which pretends to be an Official Patch from Microsoft? There must be a way to detect these types of SPAM by examining their attachment. As in my case, I use to get just one or two a day of these types of SPAMs. Now I am getting one or two a minute.

Well, we are talking about only unsolicited so-called Microsoft Patches here. I don't think Microsoft freely emails true Windows Patches to people (one needs to download them from windowsupdate.microsoft.com).

I think any ISP could (1) detect that the email did not actually originate from Microsoft by examining the all the info in the headers, (2) detect that the attachment contains a virus, and (3) note that the size of the attachment matches the "work" of the viruses mentioned above.

If all are true, delete it. Or at least have their existing anti-SPAM software tag it as being a known SPAM.

While my PC's own software could get rid of such SPAM, as it does other SPAM, my dial-up connect just can't download this deluge of SPAM as fast as it is showing up. Therefore, my mailbox overflowith.

In other words, none of these 1,000's and 1,000's of emails I am receiving daily are treasure to me. Sorry, but I really doubt anyone else would call these particular emails a treasure either.

Do you know how to make a message rule for your program? You could set the message rule to Delete it at the Server, but you would have to have some common thing about them to detect like the title or part of the title.

the flood of "MS security patches" etc takes a long time
to download from ISP, but if instead of launching email
program, just surf to your ISP's home page and loging
there .. then look at the email headers without having to
sit and wait for all those 144k and 156k messages to
be delivered to your own puter. It's easy to delete them
while just looking at the subject, 'From" etc ... saves a
ton of time.

(works for me anyway)

I have tried to do just that. However, that involves me having to connected up to my email through my ISP's webpage once an hour. That is once an hour, every hour, all day long and all night long.

However, between having to go to work and catching a few hours of sleep every night, I just can't do that once every hour.

So, what happens is that my mail box fills up within an hour of my last deleting. At that point, my ISP shuts down my email totally. I can't any more bogus Microsoft patches, and I can't get any more of my valid email.

Post the headers from the email. I will tell you the IP it is coming from. Then you need to contact the ISP abuse dept to and have them locate their customer to fix their problem.

I really appreciate the offer, but I no longer think that is the answer.

I was saving the headers, to send to my ISP's anti-spam department, but stopped after collecting 200 unique ones.

Most were from outside the USA too. The very few from within the USA, I did send a copy to their ABUSE id. From those, one and only one replied.

Walt,

Do you use webmail or do you have an e-mail client like Outlook Express? I know of a way to block all mail in OE except those in your address book. Would that solve the problem?

I'm also curious, are you a member of a news group? I'm wondering how you get so many. Sorry about the problem you are having.

One of the Mailwasher Pro users came up with a way to auto-delete by downloading a program that's made to automate keypresses. I'd figure out a way to schedule that if I were you.

Good luck.

if your mailbox is being bombed by virusen, you should try yaspi:

http://yaspi.sourceforge.net

- Salva[/b]

Do you use webmail or do you have an e-mail client like Outlook Express? I know of a way to block all mail in OE except those in your address book. Would that solve the problem?

Hi who ever u r, the above would help me, as for Walt, I feel sorry for you, thought I was getting enough but not as many as you, I now look at e-mails I want to, put the ones I want into a folder, then 'select all' delete, then go to delete folder and clear them off, that way you are not opening them, but my anti virus gets rid of it OK, but as you say it is bl**dy annoying, Ann

Ann,

If you just want to allow e-mails in from those folks in your address book, try these rules:

Outlook Express to allow only certain people in..

Go to OE/Tools/Message Rules/Mail/New/ Tick the first item "Where the from line contains people"/ Tick an item in the #2 box (You have a choice to copy, delete, move to folder, do not download it from server or delete it form server) you might want to set up a junk folder and put them there. Now click "contains people" under box #3/click "address book"/highlight the first name and scroll down to bottom of list and hold "Shift key" and click the last name/click "From" at top right and it will copy address to "Rule Addresses"/click "ok"/click "options"/tick "Message does not contain the people below"/click "ok"/click "ok"/Then click "Specified Folder(if you chose that option earlier)/pick a folder/ click "oK".

I've not tried it myself but it seems as if it should work. I guess I'm just not popular because I've only recieved 4 of these "virus e-mails" But that is a good thing.

Of couse this will stop mail from every other source too, including some you might want until you add the sender to your list.

BillC