On 12/13/2008, Dave McGuire (mcguire@neurotica.com) wrote:
My network security is handled elsewhere. I too believe in layered security, but my desire to use the right tool for the job is much stronger. My mail server is busy serving mail; my network security is handled by equipment built and optimized for that job.
Firewalls don't add any (perceptible) extra work or overhead for most any system, even old systems with old processors and not much RAM...
Unless, of course, you have an insane number of rules...
It's not like it costs anything extra.... :)
Well...that's the attitude that got us operating systems that need a gigabyte of memory just to boot, and processors clocked at 3GHz that give me the same useful performance as my 4MHz Z80 twenty years ago. ;) Nothing is free.
Your argument is bogus - see above... again, a basic, properly configured firewall has negligible impact on pretty much any systems resources, even ancient ones...
So, yeah, enabling a firewall on a mail server is essentially free, whether talking impact on system resources, or dollar cost.
--
Best regards,
Charles