On 11-May-05, at 4:20 AM, Smith wrote:
Dangerous is a fact of life, dealing with Windows workstations. I'd rather deal with a client mishandling a malicious message than have my MTA rooted because I didn't apply the latest patch to clamav or spamassasin or having any of these 3rd party software crash the MTA because of a bug. Theoretically, I believe it would be better to have the MTA filter spam and viruses, but I don't trust 3rd party software, I trust OpenBSD software.This is a very dangerous approach to take, relying solely on the final mail reader's client to correctly handle malicious messages.
But the point is that you're going to have to have an MTA, anyways. A good admin will keep it up to date regardless. Keeping one (or a handful) of boxes up to date yourself is a lot simpler than relying on individual clients, especially if you're an ISP and don't have control over them. That being said, you should at least have filtering/virus scanning on the clients, if it's feasible. Plus, the OpenBSD guys can't possibly do everything. spamd is used to take redirected traffic on black/greylists, it doesn't filter at the application layer. You need something else for this.
-- Chris
