Hi. Thanks by the way for all this great feedback about ClamAV and PF integration. Am learning a lot here. :-)
Just curious though about typical use-cases for smtp-vilter.... I can see the PF integration being a great way to isolate virus-infected hosts on a LAN by putting their IP addresses into a quarantine table on the border firewall. Once the virus has been cleaned the host is removed from the table (by the administrator) so that it can access the Internet again. Just curious, what response-policies do folks use (with smtp-vilter) when hosts on the Internet send infected emails? Do you block those hosts outright? Or do you remove any attachments/pictures first and then forward just the message body to the intended recipient? I think smtp-vilter has just the right feature set. :-) Sarah Marc Balmer wrote:
Well, I am biased (I wrote smtp-vilter). I wrote it quite some time ago because clamav-milter's quality was really bad. And I needed LDAP and PF integration. smtp-vilter was written with OpenBSD in mind.
