<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <blockquote type="cite"
      cite="mid:2b2e2e61-8257-ceb2-66db-79f3e31ae22e@agenda.si">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      And here's a part of the log for one that's merely converted to a
      spam report:
      <div class="moz-signature">
        <div>
          <pre>(20911-18) run_av (ClamAV-clamd): /var/spool/amavis/tmp/amavis-20201015T110518-20911-6Oyb0AUP/parts INFECTED: Sanesecurity.Badmacro.Doc.ArrWind1.UNOFFICIAL, Sanesecurity.Badmacro.Doc.ArrWind1.UNOFFICIAL
(20911-18) Turning AV infection into a spam report: score=0.1, AV:Sanesecurity.Badmacro.Doc.ArrWind1.UNOFFICIAL=0.1</pre>
        </div>
        <div><br>
        </div>
        <div>Why is that? What setting controls that?</div>
      </div>
    </blockquote>
    @virus_name_to_spam_score_maps<br>
  </body>
</html>