> 4. If they need additional filtration, there are ready-to-use solutions of
> ApsmAssasin and ClamAV integration with postfix. But customer need to
> understand risk of false positives.
> 5. Bearing in mind (4) - who will take responsibilities of non-delivery of
> the mail to the recipients? Who will handle SPAM mail box? etc.
> 6. If they need to filter http - its another separate story )) same for
> protected IM, VoIP, and so on, and so far.
It is important to remember that there are a few issues here.
Most businesses see no value in something they spend nothing on.
Although there are man hours involved in building a home grown firewall,
the beancounters have no respect for something that is 'free'.
If a company spends $2k on a Fortigate (I have one as my office staff
fw), then it *must* be better than the one we spent nothing on.
Probably the most important fact is SLA. If something goes wrong with my
Fortigate (or any other vendor equipment for that fact), then it's
replaced/repaired the next day. If I quit my job, then the next person
doesn't need to learn a proprietary setup that I put together.
Please understand that I am in no way, shape or form knocking the
m0n0wall. I believe it is a great tool. I keep an image around for
testing every once and again, and I also have numerous other custom
routers/firewalls around. This is more of a business case than it is a
I don't know the context of the OP, but most business I have contracted
under have no interest in hearing 'SpamAssassin this, Postfix that',
they have one goal: get it to work, get it to work well and make it so I
never have to deal with it again.