Daniel Spies <ds20150222c...@pskx.net> wrote: > In my opinion, it doesn't make any sense to scan e-mail leaving the server. > The recipient will never trust these tags anyway. So why scan at all? It's > important to scan incoming mail, be it from a local or an external client.
I disagree. Recipients may not trust the tags, but it *should* stop outbound spam/infected mail should your machine (or one of the clients) get compromised. IMO spam and malware is not just something to stop coming in, it's something to porevent going out - if more networks prevented it going out then there'd be less of a problem. On my systems I scan *everything*, and I firewall off everything I can - including preventing outbound connections to port 25. At work I run mail servers that are used by customers - including as smart relays. It's not all that uncommon to find one of the customer compromised and sending out thousands (or millions) of spam emails - so my latest server also does rate limiting to limit the damage done before it gets spotted and blocked. _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml