When Is Exchange Inappropriate For The Enterprise?

malice95 asks "At my company (approx 1000 users) we currently run Dual Sun Ultra 2's (Solaris) in an HA configuration for our mail system. It runs Sendmail with pop, imap, web-based e-mail, web-based e-mail archives, and approximatly 150 Majordomo mailing lists. The system has been working great for months. Our users use a mix of Netscape, Outlook, and Pine to read their e-mail. Lately there seems to be a small but politically forceful faction in the company that wants us to move to MS Exchange for our entire e-mail system and standardize on MS Outlook for the desktop. I have seen many exchange setups crash and burn at other companies, and become management nightmares. Can you help me come up with opinions/facts/experiences why exchange sucks as an enterprise e-mail solution versus a nice solid Unix solution to present to management?" There are times when standardizing on Outlook and Exchange may be desirable for a company and times when it is not. Is this one of those times, considering that it looks like this company has a perfectly working mail system already in place? Why or why not?

Management's IT Rule #0

[Fatal0E]

If it aint broke, fix it till it is (broken)

Why Screw up a good thing?

[EvlG]

Why change something that works well?

Exchange has the potential to introduce a number of new headaches into a system that works very well. Why change?

If they want to standardize on Outlook for the desktop, go ahead and do that. But that doesn't mean they need to get you to change your entire backend to run Exchange.

Re:Why Screw up a good thing?

[AllegroCEO]

As one who has run sendmail/postfix/pine/etc in large university settings and ISP settings I think I have a fairly well balanced view point. As a long time *NIX sys admin, it pains me to say it, but in a business organization, Exchange beats the pants off other *NIX solutions I have used. I also run several dozen distributed mail servers across north america for an enterprise business concern and I would absolutely shoot my self in the head if I had to try and come up with a *NIX solution as feature rich, easy to implement and maintain as Exchange.

Exchange servers and outlook are excellent choices for business organizations for their internal mail needs. It is easy to setup, easy to maintain, allows easy setup and maintenance of distribution groups, allows easy setup of multiple smtp addressess for the same mailbox, only maintains one copy of a message in the message database for multiple distributions to save space, is generally quite bullet proof and runs forever without a reboot if you don't try and put several apps on the same box, havae the coreect patches on it,etc, allows for distributed e-mail servers with very little work or maintenance, allows user mailboxes to be moved between distributed servers easily. My mail system admins are pretty much entry level and require very little training. There is a lot of control over distribution lists and addresses in terms of who is allowed to send mail to those addresses (good for pager email addresses for the IT and executive staff and "everyone" distributions). Exchange server allows for the easy integration of things link the RIM Blackberry wireless PDA's (what the execs prefer here) on a server level instead of a workstation level. How 'bout when upgrading/adding a new mail server with exchange. Bring it online, move the users mailboxes to it by selecting the user and picking a different home server for them. Next time the user logs in, Outlook will automatically detect the mailbox was moved and reconfig transparently. Really simple, really painless.

Of course there are the shared schedules that make it easy for execs to have their admins keep their appointment books for them, and allows all changes to be merged. There is granting "send as" privs to exec admins. The really big thing for everyone is the GAL (global address list). Since the Microsoft solutions are very expensive compared to other solutions, Execs are willing to hear proposals for just about any kind of replacement mail system that has a decent web mail interface and all the other scheduling features, etc, but if it doesn't have a GAL, it won't get heard.

--JB--

Exchange's Strengths And Weaknesses For The Masses

[eric2hill]

I've rolled out several Exchange servers for different clients. Here is a from-memory good/bad list for Exchange that I tell all my users before they settle on a mail system.

The Good

• Unified message storage makes backing up everyone's mail a breeze
• Outlook MAPI clients get instant new message notification without having to check every 10 minutes - A HUGE PLUS. I have yet to see a POP/IMAP solution that does this reliably.
• Connects with pretty much every mail system out there
• Supports Outlook as a MAPI client, and all POP3 and IMAP mail clients running on any OS
• Fairly easy administration and all message system recipients are shown in the "Global Address List"
• Exchange performs quite well on a single processor system with 256MB RAM
• Installation is pretty easy
• Mail server clustering (failover) is supported, although at a cost
• If your users gripe enough, you can enable the web-based messaging at a performance cost
• Messages to multiple receipients are stored only once (with multiple pointers) to reduce information store usage

The Bad

• To back up individual mailboxes, you need a third party backup tool (Backup Exec or ARCServe)
• Exchange eats memory up quickly to keep performance in check. You need a stand-alone machine with 256MB to 512MB RAM for a solid implementation.
• Having all messages on the server could cause network bottlenecks if a 10MB video goes to "All Users"
• Instant message notification only works with Outlook (MAPI Clients). POP/IMAP users are out of luck.
• Because of the size of the installation, you shouldn't use the mail machine for anything else
• Cost - OUCH! Exchange is one of the most costly enterprise mail systems available. Add to that the fact of a Win2K/NT Server license, Exchange user licenses, and backup software license and you've doubled or tripled the price of the hardware
• Some of the message and delivery restrictions are not robust enough to prevent certain virus outbreaks...
• Speaking of virus outbreaks, the instant message delivery may aid that. A good virus protection software is recommended - more $$$

In short - I like Exchange for it's features. It definitely has an advantage over sendmail/pop/imap. BUT - The need for a dedicated server (difficult for smaller installations) and astronomical costs make the decision more difficult.

Hope this helps.

Re:Using Outlook in a scaling UNIX enviroment

[Kagato]

HP is an american company. As you know the product is produced in the Pinewood England office. Openmail enjoys far more popularity in the EU/UK area than the US.

You probally did Openmail Internals just like I did.

This boils down to the following. Before outlook came out MS had there crappy exchange and MS mail clients/servers. At that point HP was years ahead of MS. HP released a NT version of Openmail. The word directly from HP was MS hit the fucking ceiling. They told HP that if Openmail wasn't pulled from the NT platform that they'd drop them from the NT VAR/OEM program. They would no longer get advanced releases. This would screw HP because they need to write drivers for NT for the custom hardware they make.

Openmail NT was pulled from the product lineup and is a footnote in history.

HP was really hoping that OS/2 would take a better hold of the market. At one point IBM sold a branded version of Openmail. When OS/2 crapped out that left HP out of the intel platform. And thus could never hold the costs down.

As far as cost reductions I can chip in the following. It was never the software it self that created the high cost for us as a HP Openmail customer. It was the cost of hardware and Unix support. Implimenting UNIX upgrades cost far more than NT service packs. Buying K series servers sucks big time.

This is where Linux comes in. If Linux becomes workable to the high end business customer this opens the door for large scale Intel boxes that would run openmail. Hardware costs would be reduced greatly, and the OS would be free.

That's my $.02

Re:PHB's like calendars--alternatives

[Prof_Dagoski]

If Novell's still selling it, look into Groupwise. It's got all the email, all the calendaring, and all the sharing of outlook. I don't think its got the security problems, and it works pretty nicely. It may be a pain to administer tho. It's also got a decent API that lets you interface other programs with it. In my case I tied in the medical campus event calendar on the web into groupwise to let people post events to their own calendars. The work was straight forward. I'd also look into open source solutions for this same feature. There's something out there called "V Card" if I have the name right--probably don't.

Exchange versus UNIX based solutions

[riley]

This sort of discussion went down at the University I work at a couple of years ago. That time period is now called by everyone (even the upper level of University management) the Email Wars.

For nearly two solid years, there was a large push by some in upper management to migrate our entire user base (some 80K students, faculty, and staff) to Exchange, regardless of the number of technical staff and managers informing said upper management of the large downsides, not the least of which forcing a client (MS 9X/NT) platform on the faculty.

That being said, we settled down to have a modest Exchange environment with about 5000 users across two campuses, and about 80000 users across two campuses using the freely available and open-source Cyrus IMAP server from CMU.

In the past year, there have been more serious security incidents involving executable content with the Exchange servers, forcing the University to purchase a Sybari license to prevent being overrun with virii. The Sybari stuff is not inexpensive.

My current position with the University is as a senior software/systems engineer. For the most part, I design mail systems. In my professional opinion, unless the features that Exchange gives you (basically calendaring and integration with MSOffice -- everything else, including folder sharing and collaberation are available in more secure products) are worth the amount of time and money that will need to be spent to secure the environment, it would be a bad idea for folks to migrate from an IMAP environment to Exchange.

Exchange in all our tests proved to be less scalable than a UNIX based IMAP solution. More people are required to support fewer users on Exchange. On top of that, individual servers crash often enough that it is not really an event when it happens. Admittedly, an individual Exchange server crashing only affects a couple thousand individual mailboxes, but they crash enough that spreading out load in necessary to maintain the illusion of continuous service. This is not a knock against the people running th Exchange servers. The Exchange admins I work with are bright, talented people. The server software crashes all on their own. Microsoft's own consulting people have not found a flaw in the Exchange system design here. The software just crashes often.

That is the security and performance part of my analysis. Beyond that, Exchange generally does not like working with the outside world. Mail routing can be an issue unless you have a very simple network design. Features in Exchange can be fairly confusing to even experienced users. My personal favorite in that vein forwarding. If a user wants to forward their mail another system (say a personal workstation) Exchange will munge the headers so that the original recipients of the message are not entirely clear. This has led to some embarrassing incidents where people have replied to messages that they thought were to them personally, but were actually to a distribution list. The reply went to the reply-to, which ended up distributing to everyone on the original list.

Even beyond that was the arrogant attitude displayed by Microsoft when bugs were reported. At one point, we discovered a bug that would crash the storage server when accessed via IMAP. Once a check was signed, their interest in working on problems with our existing implementation was gone. I know this should not be unexpected (Reboot, Re-install, Upgrade being the MS Tech Support Mantra), but when Microsoft representatives are in a room with the University officials and actually say words to the effect of, "Who are you to tell us what is wrong with our software", it at least validates the anecdotal opinion of Microsoft.

Much of this may not apply to your situation, but this might. When we did our studies of cost per user of a UNIX based IMAP solution as opposed Exchange, it ended up being an order of magnitude cheaper to use UNIX for the bulk of our email serving.

Add, don't subtract

[inKubus]

I work in the IT department at a large state university (Montana State). We have a number of email servers on many different platforms, from POP on UNIX to pine on VMS to Outlook with Exchange server on NT. We offer options for everyone--some people just want the simplicity and efficiency of pine, some people want POP email with the added features of attachments, etc. that are easy to do on a POP client/server arrangement. Other people need calendars and scheduling that Exchange provides. We charge 10 bucks for email accounts and 90 bucks for exchange? Why? It's more trouble than all the others combined. Not only do the virus issues kill, but when people get their desktops upgraded, oftentimes it is difficult to transfer the multitude of Personal Folders, PABs, Offline Folders, plus maintain all the online stuff. But it's the viruses that are the worst. Everytime there is an outbreak, the idiots just open the attachments and spread it. Luckily for us, everyone has everyone else's email thru the exchange directory, so if one person opens it everyone gets it. We have protection installed the database, luckly, but that doesn't make it any less of a pain. When I LOVE YOU came thru, the virus protection deleted almost 900,000! attachments in a day and exchange was about 4 days behind mail traffic for the next week. The only advice I am going to give you is add, don't subtract. If you think Exchange is a SUBSTITUTE for a nice, reliable *NIX based POP mail, you have another thing coming. Just wait til the next genius virus writer comes along to fuck your shit up. Blah!

PHB's like calendars

[NocturnalWarrior]

As a former Exchange admin (well, and all the other BackOffice stuff too), I can say that PHB's like being able to see each other's calendars. Exchange/Outlook makes this really easy to implement and for a small shop (single server, and say under 100 users), it's really easy to set up right out of the box.

Has anybody had any experience with that *NIX MAPI product? What was it called? MailOne? I'd be interested in playing with that sometime I think.

Why not to use Outlook

[dmuth]

I don't know much about Exchange Server, but I can give you two good reasons why not to use Outlook:

1. Forcing users from around the company to switch from products that they know and are comfortable with to a product that they don't know and might not be comfortable with is only going to frustrate them and alienate them from management and especially the IT deparment, whose "fault" they'll percieve this as.

2. Outlook is chock full of security holes. Thanks to those holes, it makes worms like Kak possible, whereas it wouldn't be a problem with any other e-mail client.

Personal Experiance

[Technician]

Our company changed to Outlook. We got hit with the Love Bug Virus. We now have outages every week (scheduled lasting 6 hours) which is a pain for a 24/7 manufacturing shop.

On a related subject, we dropped Russell Calander Manager. Calander Manager imediately showed conflicts in schedules (vs waiting someone reading mail and replying) With Outlook, those checking the calander at the beginning of shift go to cancelled meetings or miss changed or recently scheduled meetings because there wasn't time to sift thru all the stuff in the inbox. With Outlook you have to open any mail that may contain a schedule event to update your calander. Same thing applies for cancelled meetings. I have found out about meetings after the fact. I have attended cancelled meetings. In Russell Calander Manager, some of the users were confrence rooms, vacations and the like. I could schedule a meeting and include the confrence room as an attendee. I could schedule Easter off and include the apropiate vacation slot as an attendee. It works first come first served. No arguements over who was first. Anyone else later would be get a conflict as the confrence room or vacation slot was unavaliable to attend. This made confrence room use a breeze. If you really needed a room, you could e-mail the person who scheduled the room to negotiate and they could re-schedule freeing up the room so it could attend your meeting. (the room auto accepted the first requester). With Outlook sometimes two groups arrive to use the same room. A person has to read all the mail for the room and reply to it later (not real time by someone not working 24/7). Therefore several people can get unconfirmed dates and times for a room. What a mess.

Business Reasons

[johnnyb]

What you need to do is find the business reasons that they want to switch. Is there something specific they want to be able to do that exchange allows? If not, then it is stupid to switch. If so, you need to find out

a) what the costs are to implement said functionality with exchange

b) what the costs are to implement said
functionality without exchange

Include all costs - hardware, software, licensing, support, man-hours of work, user training, sysadmin time on installation of outlook on all machines, server maintenance, scalability costs, etc.

The problem with most decisions is that the full costs are hidden. It's your job to bring them to light, and to show what the actual costs are. If they are willing to take those costs for the functionality they want, fine. Its your job to give it to them. However, if they don't know all of the options and their true costs, then that's your fault. If the have the knowledge an make bad decisions, there's nothing you can do.

Feature Set

[Null_Packet]

Well, the best answer I could give you is it depends. What is your primary server base? Are your accounts primarily NT or Unix based accounts? The real strongpoint for many mail systems is seamless authentication, so it depends on your server base. Exchange 5.5 properly implimented is quite reliable, and so is the RTM (Release to Manufacturing) version of Exchange 2000. When I say 'properly implimented', I mean that you have to have someone who knows the product at least a little. If you have seen setups crash and burn, it's not due to the Exchange software bits, but usually to a dork who tries to B.S. his or her way through the migration/implimentation.
You also need to consider how big your IT staff is and what kind of skills they have. If your IT staff consists of a few very few knowledgeable people, then a Unix-based system can be installed and maintained through sometimes complex, but less often maintenance procedures. If you have an IT staff of scattered skillsets, then you might consider having a consulting firm install Exchange 5.5 or 2000 and have them document it all, then your staff maintain it. This latter option would provide easier maintenance with a lower knowledge-level requirement for staff members.
The point is, that if you're looking for a reason to hate Exchange, then I am sure you will find people posting here to commiserate with you; but you will also find just as easily people willing to commiserate over unix-based mail systems.
While not a popular stance with the younder slashdot readers, software isn't a religion, it's a tool. Good software meets a need with a minimized amount of cost- sometimes that cost is in software price, sometimes in staff salaries, downtime, etc. If you would like to talk about this more offline, send me an e-mail.

Here Comes the MS Bashing...

[NetJunkie]

Exchange works well, when designed well. I've done Exchange deployments in companies many times this size, I've admin'd companies larger than this too. If you set it up and do your sites and organization layout correctly, you'll have few problems. 1000 users is NOTHING to Exchange. You can easily do that on one server in a single site, and it'll run itself.

OutLook has security problems. But step 1 is to put in a GOOD anti-virus app at your entry point to Exchange, and all other mailbox servers if you really want to cover yourself. Make sure and get a backup software with a good Exchange interface. I've used both ArcServe and Backup Exec, and prefer Backup Exec. An option is to do a brick by brick backup where you can restore an individual mailbox, but be careful as this is much slower than a database backup. Microsoft has a number of whitepapers on their site about the care and feeding of the Exchange database. With v5.5 most of that is no longer needed. You don't need to repack the database every few months like you used to.

They also offer some excellent whitepapers on optimizing the server. This mainly has to do with memory and how to set up the drives for performance and fault tolerance.

The appeal of Exchange over things such as pine and sendmail is integration of the calender and task scheduling. That is a HUGE feature for the management types.

The real question is to look at the reason to change. It will be effort to move mailbox info over to Exchange so make sure it's worth it. I do mostly Unix work now, but still use Exchange/Outlook for email. I just think it's one thing that Microsoft really got right. There are a number of companies with over 100K users on Exchange.

Exchange stuff:

[congiman]

First a bit of background about exchange.

1: There are 2 choices with exchange right now, 5.5 and exchange 2000.

I'll give some 5.5 background.

1: If you are using this in an enterprise, you will need Exchange Enterprise server. This will let you have a message store greater than 16GB's. (Unlimited)
2: If you want things like clustering etc. beware with exchange 5.5. it does not do it very well at all. Its an active, standby config. (1 is active, the other is standby). When the first one fails, the second pops up and has to start the services. So you may have between 30seconds - 5 minutes of downtime for "clustered failover". Also, for your clustered servers to work, you need shared disk. (They need to share the same array). This would mean you would need to buy a pretty massive compaq or something.

3: 5.5 offers ldap/pop3 and webmail.
The downsides of webmail. It is recommended (by microsoft) that you move webmail to different servers and have your users connect to that. They recommend you do 2 (IIS 4.0)web servers for every exchange 5.5 server.
If you run IMAP/POP3, your users must connect to the server they are homed on. They cannot connect to 1 server and in the backend be connected to the server their files are on. So if you migrate servers with pop/imap users, you need to change each clients PC.

4: If you want resources like conference rooms, that do automatic accepts etc. in my experience you need to devote a dedicated conference server to do accepts for this. This requires that the machine is always logged in running outlook. Ok well there are technotes saying you dont need this. Too bad I couldnt get it to work.

5: Exchange will NOT install without a true domain controller. That means you need a PDC installed on your net and your exchange server as a member server. (Samba will not cut it) (at least not 2.0.7)
6: Now lets analyze the cost, assuming this is an enterprise.
You have:
2 Big main servers
1 Shared disk array
1 Tape backup server
1 Tape backup software
1 Exchange plugin for the backup software
2-4 Pc's for webmail
1-2 Conference room servers.
2 NT Enterprise server softwares.
1 NT Server software (backup server)
4 NT Server software (webmail)
2 NT Server software (conf rooms)
Now there is also the licensing for every user you need to pay for. EVEN for your pop users etc. The rule is "if they have a password, they need a license".

Now it is not all doom and gloom. You do get some cool calendaring and stuff that people like. Is it worth it? Depends on how important things like calendaring and reliability are to upper management.

There are also some weird bugs with 5.5 SP3. (Sp4 was released this week, but I havent tested it yet)
a: When you migrate users from 1 server to another, mail to the user during this migration gets bounced (User does not exist). Moving large mailboxes can take up to an hour (or longer).

b: You cannot migrate users from 1 site to another. (You have to copy to PST, and then import to the other site). (If you didnt appreciate rsync, this will make you wish you had it.)

Now lets go to Exchange 2000.
Note: This is infromation gained from speeches, and grilling MS reps, not from practical experience!

1: You need an active directory server. That means you need to be running a MS Active Directory server for your network. This could potentially become a win if you had your unix servers authenticate against it via ldap. But then again, it could also be a nightmare. Just a hypothetical.

2: It now supports active/active clustering. (So if 1 fails you still keep chugging along.) The bad thing is to get 2 way clusters you need 2000 Advanced server. To get 4 way clusters you need 2000 Datacenter server. (not cheap) Again these machines need to be connected to the same array. So that would mean some big hardware (compaq etc.)

3: As part of AD, you can move users across sites now.
4: You need less frontend IIS servers (according to MS its now 1 for 2 (as opposed to 2 for 1)). However now every frontend IIS server needs to have a license for Exchange 2000 server. (did not in 5.5)

5: Improved ways for backup. (You can now have multiple backup types for your server, so that different types of users, can be backed up with different frequency.)

6: If you have pop3/imap users on different servers, they can get to them by going through 1 server.

The plus for 2k would be the active/active clustering and the fixes. But then again, you have a lot of changes to make to fit it in.

Conclusion

Depending on what your internal architecture consists of, you may have a lot more to change than just adding an exchange server. You might have to add in a PDC, or AD server. You will have to put all your users in there for authentication.

Be careful with trusts, sometimes they are not your friend.

Make sure you set up a new account to be the exchange server manager.

If you run 5.5, run the Mailbox Manager. It allows you to clean up mailboxes over time.

If you have legal or compliance issues, you can have exchange be like big brother and copy all mail (to anyone) to an account for review. This is called message journaling.

The costs will mount up quick. Depending how much you have in your existing infrastructure, a figure with costs for a reliable solution, with certain uptime requirements may be prohibitive.

That may be something to ask of management. "what are the uptime requirements for the e-mail system".

Oh and last and final: Whatever you do, frontend your exchange servers with dedicated unix servers for outgoing and incoming smtp mail. That way you have things like support for things like the RBL/DUL/RSS, as well as aliases, redirection to things like mailman lists, and many more.

Hope this helps

-- C

Exchange v. other MTA/Delivery systems

[m.n.]

Once upon a time I was a consultant and had to discuss this issue all the time. Before we give you a counter argument, let's deal with what they are usually _really_ asking for:

-A single address list (OpenLDAP anyone?)

-Consistent look and feel to messages (Make everyone use the same format.)

-Ability to directly use rich content in messages (See above. Pine users will probably take a beating on this one though. Sorry.)

-Group scheduling (There's freeware that can do this. If the company is anti-open source, use the iPlanet calendar. If you use an HTML based scheduler, you can tell them how you're aligning the company for e-biz through the Extranet/Internet/insert buzzword of day here.)

I'm going to venture out on a limb and say that they are probably pro M$ techies or on the business side. If they are on the biz side, they only know what they've experienced and/or heard. M$ eXchange is commonly credited with providing all of that functionality. Now on to the points that you can use to counter this force:

- Cost. I wouldn't make the typical free software
argument at all. Avoid it with PHBs, it's a black hole. Rather I'd talk about the increased administrative costs, the poor ROI on software that gobbles up resources and the cost of outages.

- Reliability. I've been forced to live in several environments where exchange was implemented. Even in the best of them, the mail servers went down on average twice a week. Sendmail in a HA config is great since you can migrate the storage and keep on trucking. Let's not forget the ease of adding upstream MX spoolers in the event of a link problem. Ever use exchange
as a spooler? Ick.

-Complexity. Depending on how much mail your typical user gets/sends/processes, the amount of storage and processing requirements vary wildly for exchange. Odd are you'll have more than two servers (I'm guessing five.) Shared storage and data volumes? Good luck implementing this under NT 4/Exchange 5.5; remember that exchange sticks every message in a database which makes it a major PITA to even consider shared volumes.

-Productivity. It costs time to use outlook. Outlook is slow and difficult to use in comparison to netscape mail or even outlook express. They'll go for the directory argument so be prepared to bring up LDAP.

I hope this helps you out.