I once posted that all the anti-virus checking should be done on the
Windows boxes only. Let the mail server deliver mail, let the firewall
block bad packets, and let Windows find the viruses. Why? Re-read what
Chad stated in the last sentence below. Some people replied that that
was ridiculous because the viruses should be blocked from the mail
server with clamd. One person said that clamd can't be exploited
remotely. Since then many vulnerabilities have been found in clamd and
some of them remotely. Pity.
My advice:
Use OpenBSD's pf for a firewall.
Use OpenBSD's spamd for spam blocking.
Use a good anti-virus software like Norton for all your Windows
workstations. You install Norton on a server and have all your Windows
boxes receive updates from it. You install a SUS or WSUS server so that
all your Windows workstations have the latest Windows updates.
Chad M Stewart wrote:
My firewall is a firewall, provides packet level blocking/allow,
ftpproxy, and nothing else. Adding other services can make it more
vulnerable, either by software problems or configuration problems.
