Where I work, despite being a Windows shop (small one), nobody trusts ISA Server as a firewall… 🙂 so we have Linux running non stop as a firewall/proxy since 2003 with Postfix, Mailscanner, Spamassassin and iptables and doing a fine job.
So far so good, but I though that after 5 years of non stop service I should look for something easier to manage to my Linux challenged colleagues 🙂
I looked basically to two solutions: IPCop and Endian Firewall:
IPCop: Is basically oriented for the home user. Mail processing is done through a SMTP proxy that doesn’t look too solid. It’s also an add on to the basic IPCop system.
Endian Firewall: It looks like it’s IPCop based, but mail processing is done with PostFix and Amavisd and Spamassassin. It also scans mails with clamav.
Both solutions have web based interfaces, traffic graphs, and almost no need to go into a shell. I do prefer Mailscanner better than Amavisd for mail filtering. First in MailScanner, blocked e-mails can be unblocked and delivered to the user, without too much of a problem. In Amavisd you must feed them again into the system because the “blocked” format is raw, so if you really need that blocked email, the only way I know (yet) is to use Outlook Express for viewing and forward the email.
Both system lack basic tools like wget, nslookup, dig, whois that can help debugging your internet connection. You need to add them after installing, and that can be quite a challenge.
Also clamd daemon, doesn’t seem too solid. It has the habit of crashing without any trace or any bit of information on the log files…. In my original firewall system we use Mcaffee for Linux and it worked always, but we are also paying for it…
So until clamd started crashing out constantly last week I had a good impression of EFW firewall, but I’ll replace the virus scanner for using the command line clamscan instead of the daemon clamd. Them clamd people must sort it’s instability issues as soon as possible. It’s not EFW fault.