The Postfix security model is based on keeping software simple and stupid.

When I write software, I know that it will fail, either due to my own mistake, or due to some other cause.

My reply is: the software has no known bugs, therefore it has not been updated.

In a previous life I wrote the software that controlled my physics experiments. That software had to deal with all kinds of possible failures in equipment. That is probably where I learned to rely on multiple safety nets inside and around my systems.

I want to avoid locking people into solutions that work only with Postfix. People should have a choice in what software they want to use with Postfix, be it anti-virus or otherwise.

The Postfix security model is based on keeping software simple and stupid.

Defect-free software does not exist.