Interesting
I just started getting them today as well. I used basically the same procedure to investigate?Same conclusion. I also got e-mails from the CIA and FBI ordering me to respond to a list of questions residing inside the ZIP document. Clever.
ciao,
Vince

makes you wonder
this all makes you wonder about the people who actually do open these things.
i havent gotten the FBI one yet though.

I just got a handful today
One of mine actually said -

"You've visited over 30 illegal website, please fill out the questionaire"
attached was a zip file called something like questionaire.zip

It was from cia.gov

I had a good laugh.

THe others were mail-body.zip as well

none
none of this stuff has made it through the spam filters at the University of Toronto yet.

Or gmail.

I got slammed
Okay, I found you "guys" looking for some info on these emails I got blasted with tonight - four in just over an hour. Looks like I'm in good company - a combo of all of the above, incl the CIA one ...

Now, I am a fairly new Mac user, and a bit distressed. How do I know if my email is sending out junk automatically?

I got slammed
Relax, your mac isn't sending out stuff by itself.
The email is simply worded this way so as to fool people to open the attachment and become infected by the virus. (Which won't work on your mac anyway.)

Heh - been around for a while
I've seen variants on those ones for over a year now. Basically it's just a matter of your emil address getting trawled somewhere and getting on the trojan horse distribution lists.

For the new Mac user - don't worry about it. If you don't remember sending the message, then you probably didn't. Nothing to do with your machine at all.

I think you could categorize these as "technical phishing" since they purport to be a mail server instead of a financial entity, but since mail servers don't tend to send out glossy html formatted mails, they're easier to spoof.

Check the headers
If you ask your mail client to display the full headers of the e-mail message you'll likely see that it's coming from some cable modem or DSL machine somewhere (verizon, comcast, rr.com, etc...). This particular virus is a variant of the Sober worm and just started across the 'net in the last couple of days.

While it can't affect your mac so far, don't get too complacient. The upcoming Intel-based Macs may be more susceptible.

Use the Terminal to get a file list
Instead of actually unzipping the document, use the Terminal to get a file list. Download it to a location of your choice, go to that location in the Terminal, and type:

unzip -l NameOfZipFile.zip

If you're curious
You can download ClamXav (the open-source antivirus program) at www.clamxav.com

Make sure the definitions are up to date and then scan the attachment, and it should tell you what kind of virus is lurking inside.

Interesting
I'm getting these all the time, Thank God I'm on a Mac.
If you are on windows does this not feel like the enemy continually banging at the gates?

I got slammed
Whew - that's a relief, especially since I got hit with 8 more this morning! Thanks.

Handling these email worms on the Mac
I can't remember ever having received an email bounce message that did not contain the header of the bounced email right in the message body. So, the fact that the email that supposedly could not be delivered is included as an attachment, is a first indication that there is something not quite right.

Second step is to check the headers of the bounce message, as CSShawn already pointed out. If I can't link the (ISP) sender to any of my contacts, that surely means that the bounce was not caused by anything I sent.

Third step is to mumble some curses under my breath about the "level of security" of anything carrying the Windows badge, hit Mail's Delete button, and try to re-focus my concentration on more productive computer uses. *sigh*

Interesting
This is bad:

From: Admin@fbi.gov [mailto:Admin@fbi.gov]
Sent: Thursday, 24 November 2005 1:40 AM
To: xxxx
Subject: Your_IP_was_logged

Dear Sir/Madam,

we have logged your IP-address on more than 30 illegal Websites.

Important:
Please answer our questions!
The list of questions are attached.

Yours faithfully,
Steven Allison

Attachment: question_list.zip contains

*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 324-3000

Return-Path:
Received: from jlsqip.gov (69.63.65-97.swazi.net [69.63.65.97] (may be forged))
by mail17.mymailserver (8.12.11/8.12.11) with SMTP id jANEhxkX026105;
Thu, 24 Nov 2005 01:44:05 +1100
From: Admin@fbi.gov
To: xxxx
Date: Wed, 23 Nov 2005 14:40:28 GMT
Subject: Your_IP_was_logged
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
Message-ID:
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=fdcabfd035.bd5da096f3ea1"
Content-Transfer-Encoding: 7bit

Interesting
At the time my wife got one of those FBI spams a couple years ago I doubt she'd even browsed to more than a dozen sites. That all changed after 1) I gave her a Mac, and 2) she discovered the power of Google.