On Wed, Sep 9, 2015, at 05:18 PM, Bill Cole wrote: > On 8 Sep 2015, at 17:06, joh...@fastmail.com wrote: > > > My question is - if I want to Postfix-integrate A/V & A/S *AND* stick > > to projects that have active development and communities like Postfix, > > what would you recommend? > > I think the "active development" criteria as you've specified it isn't > just unimportant, it's positively misguided.
Well then we'll disagree. Lots of SW is mature, yet still has active development - regular participation by authors & project developers, bug fixes, even the occasional new feature or documentation update. Take Postfix for example. > Amavisd doesn't have a steady stream of new releases both because of > what Mark Martinec said: he's been busy working on other things AND > because it is a MATURE integration tool with a well-defined scope. Yes, his comment was appreciated. But if I'd come to the conclusion that it was the "best piece of software ever conceived", but the developer(s) -- in this case Mark afaict; maybe others too -- were checked out, and no longer participating at all, than I'd simply not be interested. Because I don't consider that an 'active' project; and, that, after all, was what my question was about. Just my choice of the kind of communities I'm willing to invest in. > As for a recommendation, I think that Amavisd and MIMEDefang are clear leaders I'll at least stick to somethings that's identified on the Postfix Add-on Software list. Amavisd it; MIMEDefang afaict isn't. > If you'd rather have a config file that doesn't require the ability to read > and write Perl, Amavisd is probably a better > choice (although amavisd.conf is also formally Perl, it's just a bunch of > variable assignments.) The _ability_ to read/write Perl is not particularly important to this decision for me. I'd rather use that's made & knwon to work, and used by lots of folks, and that can be flexibly used with mostly just config. Again, a lot like Postfix. > To hook into a filtering hub: there are not a lot of free AV choices > other than ClamAV, which isn't very good. I've been using is standalone for years. Never had a problem. I also didn't hear that it's inherently 'not very good'. For my uses it should be fine. > On a substantial & diverse > mail system it will catch some malware but probably not most of it and > even with it in front of SA you may see SA blocking more malware as spam > (because after all, nearly all emailed malware these days IS spam.) I'll be putting in a layered approach -- Postscreen first, then Postfix's smtp restrictions and the before- and after-queue filter pieces. I don't particularly care what about the effectiveness of any one piece alone because I'll never be using it that way. If the combination of layers does the job, and every indication so far is that it sure can, then I'm happy. Thanks for the detailed comments! John
