Klez Virus. Wow this has been annoying. Rosemary’s mail address, unbeknownst to her, was used by the klez virus on someone else’s machine as the forged sending address on klez propagation mail. As a result Rosemary received a pile of bounced mail, as isps around the world detected the klez infected mail and bounced it wrongly back to her. Double whammy — virus gets spread, and innocent people get mistakenly harrassed as the misidentified sender. At this point rosemary’s email id is hopelessly compromised (overloaded with incoming bounce mail) so she is going to switch to a new one.
It would be nice if it was possible to identify without a doubt who really sent a piece of email. And actually this is possible, if we all got certs and signed our email for example. The cert infrastructure is hard to use tho and so this hasn’t happened. In the next 5 years something has to change though or we are going to suffer more and more of these kinds of attacks.