firewall, spam and virus control in one box

Steffen Kluge kluge at fujitsu.com.au
Thu Jun 9 07:52:58 UTC 2005


On Thu, 2005-06-09 at 08:54 +0200, Bjørn-Sverre Nøttum wrote:
> Is it possible to put all these applications in a fedora box, and make this 
> a sort of a "securebox" that is filtering all in- and outgoing traffic?

I'd recommend doing SPAM and virus filtering on the mail gateway and
http proxy, and running the firewall on a separate machine.

> I have looked at spamassasin and clamav, but I am not sure if these are the 
> best choises. And I have not found anything on how to make them work 
> together.

My favourite glueware between MTA and content checkers is amavisd-new.
It's very flexible and powerful.

I'm using postfix/amavis/spamassassin/(various AV's) in a number of
sites with great success.

>  When it comes to fierwalling - is it possible to use the one that 
> is pre-built into the fedora release?

Absolutely, the Linux kernel firewall is as good a stateful packet
filter as any. I don't think Fedora is the best choice for an Internet
firewall, though, simply because of its short life cycle. The last thing
you want is stale software at your perimeter. Have a look at the free
RHEL variants, or even OpenBSD, which has a way cool kernel firewall
(pf).

Cheers
Steffen.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050609/4994f406/attachment-0001.sig>


More information about the fedora-list mailing list