Big Red 'L' - Do you have the virus/spam checking turned on? It's not enabled by default, and really the virus checking at least should be. The spam checking end could be a lot better, and while you can check your spam folders through webmail, there isn't a 'whitelist' option to always allow through certain mails, like mailing lists you're on. But the virus checker does seem to work with known viruses - although any virus checker is only as good as the virus database it runs off, so new viruses would spread until a check is found.

The 'From' address on an email is largely immaterial. You can set it to anything, so I could easily send out mails that would appear to be from '[email protected]' - unless you looked at the header and traced the origin of the message, you wouldn't know.

What I think one of the major problems with the internet as a whole is that when most of the fundamental protocols (TCP/IP, mail, news, etc) were originally developed, nobody gave any thought to security. It was just one big happy family and nobody would ever think to send fraudlent emails or viruses, ever... So very basic protocols have been fraught with security problems for years.

If Email had been designed from day one so that you could not send emails with forged addresses, a lot of this stuff would never happen.