So you're opening up a port on the firewall to a critical service which has the potential to DoS the firewall for a feature that only a handful of IT hobbyists might consider using?
-----Original Message----- From: Dan Swartzendruber [mailto:[EMAIL PROTECTED] Sent: Friday, September 23, 2005 7:27 PM To: [email protected] Subject: RE: [pfSense Support] antivirus and etc At 08:22 PM 9/23/2005, you wrote: >Dan, > >You're opening up a real potential for DoSing the firewall if you have an >especially busy Exchange server that gets hit by some mass mailer worm. I >would rather have a separate instance of clamav running on my postfix (or >whatever MTA you choose to love) box. Well, I did say that was an option. That said, I'm not sure I buy that. Keep in mind, the clamav instance running on pfsense will only be as busy as the MTA makes it. Most non-enterprise MTAs (like mine) will only allow a handful of inbound connections at a time, and until the virus check is complete, no further smtp connections will be allowed. I guess it's a decision to make depending on the CPU horsepower available on firewall and mail server. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
