On 8 Sep 2015, at 17:06, joh...@fastmail.com wrote:
My question is - if I want to Postfix-integrate A/V & A/S *AND* stick to projects that have active development and communities like Postfix, what would you recommend?
I think the "active development" criteria as you've specified it isn't just unimportant, it's positively misguided.
Amavisd doesn't have a steady stream of new releases both because of what Mark Martinec said: he's been busy working on other things AND because it is a MATURE integration tool with a well-defined scope.
MIMEDefang is an alternative filtering integration tool with a similar scope and similar maturity. Dianne Skoll still works on it as needed but the releases are not very frequent because (like Amavisd) it doesn't have a lot of bugs or a lot of functional space to expand into.
Software maturity is a GOOD THING. Software design that doesn't naturally lead to scope cancer is a GOOD THING. Amavisd & MIMEDefang aren't monolithic do-it-all filters, they are filtering hubs that mostly just hook an MTA to software like SpamAssassin, ClamAV, etc. that actually does most of the specific work of filtering.
As for a recommendation, I think that Amavisd and MIMEDefang are clear leaders because of that shared aspect of their archite3cture and their maturity but which you prefer is a very subjective issue. MD is what I use with Postfix, but that's largely an artifact of having used it for years with Sendmail, not a judgment that it is objectively better than Amavisd. I have a rather baroque and organically grown but highly effective mimedefang-filter (the core MD config: a file full of Perl subroutine implementations that MD calls) and I'd rather not do the work of figuring out how to do the same things with Amavisd. If you are good with Perl and like the idea of being able to write your own customized filtering gadgets that nothing else does quite to your taste, MD is worth considering. If you'd rather have a config file that doesn't require the ability to read and write Perl, Amavisd is probably a better choice (although amavisd.conf is also formally Perl, it's just a bunch of variable assignments.)
To hook into a filtering hub: there are not a lot of free AV choices other than ClamAV, which isn't very good. On a substantial & diverse mail system it will catch some malware but probably not most of it and even with it in front of SA you may see SA blocking more malware as spam (because after all, nearly all emailed malware these days IS spam.)
