Symantec Security Gateway vs. Custom Linux Box?

michaelr asks: "I run several email-based discussion lists. While only members of the lists are allowed to post, I've lately had problems with viruses as they often impersonate the members (or the members themselves are infected). I've identified two solutions: either build a Linux box running SMTP-based antivirus software, or purchase something like the Symantec Gateway Security which includes AV among lots of other things. The street price makes it a little more expensive that a Linux box + AV software, but it seems to be zero maintenance. The problem: the Symantec device is new, and before I place my trust in it, I'd like to know: has anyone had any experience with it, or should I just build the equivalent myself?"

Linux + AV

[FroMan]

At one of my last jobs I used this setup:

Linux + Sendmail + Amavis + Sophos

Once I had it setup I could completely forget about it. Setting up the Amavis with sendmail was a trick, but I had a homebrew sendmail.cf file because of some complications with our mail setup. Once that was done, I signed up for sophos email alerts. From that mail I setup a script to be run when ever one of those mails came through to go out to sophos' website and get the update.

All in all, we never got an email virus coming into our network after that through this box.