Jeroen Massar wrote:
dns was not really questioned, but I would prefer djbdns (+patches, again) or bind.
Patches, patches, patches. Bind9 is fine (and actually what I usually use) but pdns&nds are simply faster, thus for scalability I would go for those, then again it depends on ones needs.
Given the potentially high DNS traffic (all those xBL lookups), a dedicated caching DNS resolver may make sense. Additionally, you should consider running a local rbldnsd for mirrored zones (proxying from the resolver to rbldnsd).
- amavis + clamav & Spamassassin using milter inline in postfix
Seem both to be just 'the standard antivir and antispam' solution
There is afaik nothing better, especially in combo with:
Detection rates of ClamAV are pretty low. If you want to advertise "virus protection" as a feature, you may want to integrate at least one additional scanner.
-- Matthias