I was previously using the 9.0.4 version with the mail vulnerability. i did the upgrade to fix the problem, but i am receiving emails with viruses that have my website's name in the To field. is this a problem with the mail vulernability from the previous version? and can i stop these emails from coming in?

Your address may already be "out there" and the mail is now self-propogating and not coming from your site each time.

Filters may be your best bet. Then again, I'm no expert.

that could be true...
its bad.. the emails come from mail @ mysite.com, admin @ mysite.com, etc.. and they all say similar things and have a zip file virus attachment in it..

i guess i can filter all email that comes from my domain name.. but that stinks.. lol

I had the same problem for a while.

It's probably completely unrelated to Dragonfly CMS.

The Mytob worm was on one of my user's computers, and it cleverly looked at the last visited website from Internet History (my site) to 'spoof' my domain name. <-- Making it look as if the emails were from me!

It can be taken care of quite easily if the ISP is helpful.

You need to see the Message Headers of the emails so you can see the originating IP address of the email. If you're using Outlook, you can see this via View -> Options. I think. Or something like that. Do a quick search for 'email headers' in outlook's help.

Once you have found the IP address in the email header, you can do a WHOIS search for it to find the ISP of that computer.

Try doing a WHOIS search at www.ripe.net and www.apnic.net and www.arin.net first.

Let me know if you have any problems

I would agree that it's unrelated to DF. It's indicative of most mail viruses to spread that way.