>I see the name of the virus together with the name of the virus scanner producing the identification as equivalent to the actual byte stream
Please do not assume that everyone else's system works the same way that yours does. For the virus reports I send, I have no idea what virus it is. My system makes the fairly safe assumption that any message with an attached EXE sent to a spam trap is a virus. I lightly denature the report by changing the first few bytes of the bas64 attachment to xxxx so it's not executable any more, just in case some misconfigured piece of mail software tries to do something unwise with it. > why would we then ENFORCE sending such malware in abuse reports? Because decades of experience have taught us that a full, unredacted copy of the message being reported is the most useful thing you can send to a feedback consumer. Regards, John Levine, [email protected], Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
