In article ,
Rich S. wrote:
Isn't there any simple way of determining who is the actual sender of the
virus?

For those knowledgable in deciphering the information in the message 'headers',
one can _usually_ make a "well-informed guess" as to the _network_ on which
the *machine* that sent the message lives. Identifying the actual machine
frequently requires access to information that _only_ the party that manages
and operates that network has. The _only_ "potentially reliable" data you
have to work with are the IP addresses -- and when they are 'dynamically'
assigned, you have to coordinate the address _with_ the timestamp, to figure
out "who was using that address *then*". Obviously, you can't do that, if
you _don'_ have access to the records of 'who was assigned which address,
when".