Right now I am pretty badly hit by the new Swen virus (formerly known as W32.Gibe). Our university mail-server doesn't yet cut out the offending attachments so I received around 200 mails this night, each around 140K in size.
I have now stopped fetchmail and set up a little script employing
Mail::POP3Client that rigidly deletes anything looking like spam and Swen on the server. I've stopped worrying about false positives for now.
Swen-infected machines increment a webcounter. Hit "reload" occasionally and see the number increase.