One bug in an SMTP server can open up the whole machine for intrusion.

I don't expect an overnight change of all desktops to what the US Military used to call B3 level security. And even that would not stop users from shooting themselves into the foot.

For many people my software is something that you install and forget. I like to keep it that way.

Most of the effort in the software business goes into the maintenance of code that already exists.

My reply is: the software has no known bugs, therefore it has not been updated.

Defect-free software does not exist.

I want to avoid locking people into solutions that work only with Postfix. People should have a choice in what software they want to use with Postfix, be it anti-virus or otherwise.