Historically, some of the most prolific virus families (e.g., Netsky or SoBig) distributed themselves as file attachments in email. These families relied on users double-clicking an attachment, which would run the malicious code, infect their machine and send itself to more email addresses from that computer.
Nowadays, hackers have changed their focus and mainly use the web for malware distribution. They still use email messages, but mostly as a way of distributing links to malicious sites, not for carrying malicious file attachments. However, even today some malware families such as Bredo use email distribution to run malicious code on user machines.
You should use strong anti-spam security in conjunction with endpoint security software to defend against email malware. In addition, user education can raise awareness of email scams and seemingly innocent attachments from strangers. (See Exploit, Botnet)