For virus scanners that run at other stages in the delivery process, the right decision about whether to do a notification or not is virus-dependent, if your anti-virus package supports it. Sobig almost always forges sender addresses, so it shouldn't get a reply, but some other viruses don't forge the sender, and should get the reply. Limiting the responses to once a week per sender or whatever may help, but only if the same sender gets forged a lot.
One of my pet peeves is anti-virus programs that detect a virus by name, so they should know that it always spoofs the sender address, still sending messages referring to the "message you sent". I wonder if people receive those, scan for viruses, and then when they don't find one, do one of the following: 1) Take their computer to a computer store and pay for needless 'repairs', or 2) Reinstall/reformat rather than take chances. At a very minimum, guys, adjust your messages to say "an email that appears to have been sent by you" or similar language to indicate that you don't know for sure who sent the message. DS