Slashdot Mirror
Recommendations for the Right IMAP Server?
"I'm still at a loss for what to do. The documentation of all but uw-imap seem to be a bit complex for me. If it helps, I'd like to point out that I have Mutt and nbsmtp installed, which work fine for connecting to our SMTP and POP servers. How do I know what will serve our needs the best? Also, is there an IMAP server that I could install easily for testing and learning purposes? I'd like to be able to get something installed without much configuration. Security shouldn't be an issue for testing purposes, because it will only be on the local network, and the computer will be turned off when I'm not actively testing it. We're also willing to purchase products as well. We're willing to hire a professional to do it for us, but the boss wanted some research done so that we know what we're getting. Any comments are welcome. Thanks in advance."
Gentoo has a HOWTO using various packages here.
Why not try Microsoft? From everything I read here, they are well respected and only put out top-notch, high quality products.
Anyway.. Cyrus IMAP seems to be the best of breed IMAP server. Its desigined to work in a 'black box' enviroment, where the users dont need 'real' accounts on the machine - and if they did would have to use IMAP to access their mail anyway.
Its ACL features might be of significant use for a work enviroment (Im planning on deplying it in an ISP enviroment, so its not much help to me). Its heavy reliance on SASL is a bit tricky to get working, but recent IETF decisions seem to mean that SASL is a necessity for just about anything.
http://asg.web.cmu.edu/cyrus/cyrus-overview-TOC.ht ml
Don't do it. Outsource it to a datacenter. There's absolutely zero reason for you to do this yourself. The correct answer is to pay a service provider a small fee to take care of the servers, the backups, the security, the maintenance, and all of that bullshit for you.
Don't.
We've been using Courier for a couple of years now. We run several thousand users through it using Courier's POP3 and IMAP servers, Squirrelmail, and LDAP integration for all the user accounts. We've never had a single problem with it.
Jason
"FORMAT C:" - Kills bugs dead!
The big problem that I have with Cyrus is that account administration is a pain in the butt. It would be really nice to be able to give someone a web-based tool to create accounts and change passwords.
Finally! A year of moderation! Ready for 2019?
The real issue is the mailbox format. It is possible to run more than one imap daemon. Your choices are Maildir, Maildir and Maildir. There are others, but Maildir is really the best. Most IMAP, servers, however, require a patch to use Maildir. Courier was built with Maildir natively. I've now been running Courier for 6months and it's the best IMAP daemon I've ever ran.
You'll also need an SMTP server, which you didn't mention. Qmail, in my humble opinion, is the only solution out there. I found setup to be a little more complex than I felt necessary, but since I set it up, there hasn't been a hiccup. It easily allows you to instert ANYTHING into the chain the mail follows, so it extremely configurable.
Don't even bother looking at anything but QMail and Courier-IMAP.
I'm using Cyrus on a Mandrake box for my home, comes with the mandrake distro, easy to setup, and the entire family can use it. Just using fetchmail to pop accounts, and imap to serve it. Then turn on Spam Assassian, and your set.
Only problem I have, is Cyrus IMAP doesnt delete folders. Works with outlook express and thunderbird/mozilla.
Make a list of requirements on reliability, service, and self determination that you need. From there look and see if any datacenter can supply that for you. If so, sure do it, if not... many times the right thing to do is to do it yourself. I run my own mail server for myself because I have found I can be much more reliable than my ISP on providing e-mail service - plus I like the ability to have a 1 Gbit connection to my mail server to download the mail from the spool extra fast... beats the hell out of my 768/128 up DSL connection any day.
That said, if my mail server is off the internet for a day - I don't care or panic, I just fix it when I need too.
I have mod points and I am not afraid to use them
Don't listen to the people that assume it's a bear in production. It makes life so much easier. First of all, here is everything you will need to get a courier-imap server up and running with SSL and Postfix and MySQL and Mailmail and Squirrelmail.
Virtual Mailhosting System Guide
I can vouch for this system because I did it and use it. Works wonderfully. The client had no use for Mailman, so I didn't install it. The client also only had 4 company domains he was concerned with, so he isn't taking full advantage of the virtual hosting aspect of the system. Smart choice going with Gentoo. Keeping the machine up to date is so easy, the client is doing it. Just a small bombshell to avoid, don't use Reiserfs unless you don't want to support quotas. This customer had a need for quota on the same server and I had to go through hell tracking down the patches for Reiser quota and getting them installed. Chris Mason was VERY helpful when I had problems. THANKS CHRIS!
For every annoying gentoo user, are three even more annoying anti-gentoo crybabies. Take Yosh from #Gimp for example.
Nothing, and I mean nothing beats Debian where Linux is concerned. Or you could go the BSD route.
Gentoo isn't a contender because it is meant as a bleeding-edge desktop platform. It focuses on features and speed, not security and stability.
It's always a long day... 86400 doesn't fit into a short.
Needing answers to the same question, yesterday i bought a copy of this book: Managing Imap Perhaps you should get hold of it too. It covers the whole IMAP thing and Cyrus and UW in detail. If you are not worried about using proprietary s/w, and want something easy to set up for testing, have a look at Communigate. This is a complete mailserver solution, very quick to install set up configure, has an IMAP module and lots more. A licence costs $$ but the free version is identical save for a 1-line- text advert appended to outgoing emails. (Linux versions available, don't know how it would fit with Gentoo though)
Hmmm. Sounds like you need to type:
man ulimit
You could also perhaps look at some of your resource settings in your httpd.conf. Try reading a book about apache. There are a few good ones.
For every annoying gentoo user, are three even more annoying anti-gentoo crybabies. Take Yosh from #Gimp for example.
I'll go & read the documentation right now, but I have to ask, do you have a computer science degree, or any other expertise that made it easy to read the documentation?
testing out my trending skills
Don't do this. Pick whatever platform you use and can support, look for someone you can pay to do this, document it, and turn it over to you with instructions for maintainance and upgrading. Email isn't always simple, and these days doing it right (IMAP, anti-spam, security, etc.) can be quite a trick. Learning about email is great, but experimenting on your company is not a good long-term employment stratagy.
In any case, good luck, mail is cool.
Power corrupts. PowerPoint corrupts absolutely. E. Tufte
testing out my trending skills
Gentoo's focus seems to be doing everything better. Speed, security, and stability. You HAVE the option of installing bleeding edge crap or stable crap with one setting in your make.conf. I'm now up to 20 Gentoo machines I support and I'm truly starting to consider it the equal of the FreeBSD machines I have in place. Most recently I had to pick an OS for new hardware. The hardware is dual processors ServerWorks chipset 1U's with a gig of ram. I could not get DMA working with FreeBSD using the Serverworks IDE controller on drives. Gentoo worked fine and supported DMA just fine with the latest kernel. In fact, I have had zero problems to date with any of the Gentoo boxes I have set up and they are pretty much running close to the redline 24/7. Of course, that's actual real world experience and not speculation.
For every annoying gentoo user, are three even more annoying anti-gentoo crybabies. Take Yosh from #Gimp for example.
I've been running uw-imapd on a FreeBSD 5.0 system, along with sendmail (latest and greatest) for about the last 1.5 years with zero problems. Depending on the size of your company, this may or may not be a good solution. Please bear in mind that this is my personal mail server -- it serves exactly one account.
/etc/inetd.conf, and you're good to go
Plusses:
o Absolutely dirty simple to set up -- no config files, no settings, just dump the port on, add a line to
o Resonably secure; supports SSL
o Also supports POP3 and POP3 over SSL
Minuses:
o Each account needs a corresponding user on the system (you can, however, block login, I believe, to those users, such that they can not actually log into the system
o Administration requires adding accounts on the system and FS-level quotas (if you care)
o No fancy options or web/GUI's -- for me this is a plus, but it depends on how fancy your setup needs to be.
I've heard very good things about both Courier and Cyrrus but decided against them for my own use for a variety of reasons (mostly complexity).
Depending on your group size, uw-imapd may or may not be the right choice for you. Personally, however, I'd recommend running your mail server on an honest-to-god production-grade OS, like Free/Open BSD or a good Linux distro. And put it behind a good firewall. Gentoo is pretty cool, but mail MUST ALWAYS work, and to me that means running a production-quality, bullet-proof OS.
:)
I've been doing this stuff for quite some time, so that does help. I'm not sure if I can attempt to access the skill level necessary to read the directions and follow them. They seemed pretty straight forward to me.
For every annoying gentoo user, are three even more annoying anti-gentoo crybabies. Take Yosh from #Gimp for example.
- Courier IMAP - Supports Maildir, works well with most IMAP webmail setups, easy to setup, support Secure IMAP
- Postfix for SMTP - Can offload mail delivery to another program like Procmail, replaces Sendmail
- Procmail for Delivery - The Great thing about IMAP is that you have message folders on the server, procmail will allow you to sort incoming mail as it arrives.
- Spamassassin - Integrates with Procmail to sort spam into a folder or
/dev/null
- SquirrelMail - Seems to be one of the best web based IMAP clients around, done in PHP
The reasons I picked the above: Free, Wanted IMAP for server-side folders, needed Maildir support because I didn't want to use mbox because of performance and locking issues, and I needed webmail and an IMAP server known to work well with webmail.My Hello World is 512 bytes. But it's also a valid Fat12 boot sector, Fat12 file reader, and Pmode routine.
I use Cyrus in a number of my packaged configurations, but for ease of migration and security Dovecot seems promising, although it lacks many of the advanced features that Cyrus has. It would probably be helpful to know exactly how many users you'll be serving and what your mail volume is. You might drop by #cyrus on irc.freenode.net and chat with people there.
You could, of course, look around and hire a Linux consultant to set it up for you.
Wil
wiki
IM(not so)HO, you would be very happy with Debian. I have not used IMAP, but I do have a POP3 server that has only hiccuped once in 2 years. (Cache memory went bad - had to replace box).
Others scream that RH and Suse are the best, but upgrading a Debian box is two commands away: apt-get update & apt-get upgrade.
Vertical
72 CD D7 52 D0 7E D8 47 44 91 D5 84 D1 59 F1 A9-This is my 128bit integer. There are many like it, but this one is mine.
I'm pretty uncomfortable with continuing with POP3. It seems like the best choice for us is to be able to use IMAP so that the users can travel, & check email. In fact, that was the real selling point for IMAP. @ least 1 of the users uses 2 computers, so it would simplify things a whole lot for him. He would like to travel across the country in November, so it would be pretty important to have access to the mail that is already downloaded.
:^)
I think that from the user's point of view, IMAP is much more intuitive.
Nothing is written in stone, though. If you know of any advantages to POP3 & are interested doing some advocacy work for it, then by all means, speak to us!
testing out my trending skills
Read Life With Qmail
I will admit qmail was hard to setup. I will also admit it has been worth every second I spent setting it up.
Oh, to answer your question, 10 users on a Timex Sinclair with 4k of RAM. *smirk* Actually, started out on an AST Bravo P90 with 96 meg RAM. Got moved to a Compaq DP2000 P166MMX with 64 meg of RAM after the cache memory failed. Rock Solid every since. Oh, and did I mention it runs Debian?
Vertical
72 CD D7 52 D0 7E D8 47 44 91 D5 84 D1 59 F1 A9-This is my 128bit integer. There are many like it, but this one is mine.
at work we are in the process of changing over to a new mail server and going with Cyrus IMAP. We used to run WU-IMAP but on a dual P2-350 with half a gig it couldnt keep up with the load from 6 user accounts and everything was insanely slow.
our new mail server with cyrus is much faster, combined with the latest horde cvs (the best webmail client out there) its definatly the best combination we found, oh this is running on an identical spec server to the old one.
the latest horde cvs stuff is a major improvement on the old one, specially nice is ingo, the mail filter module, that has full support for editing the sieve scripts within a the cyrus imap server.
and before anyone comments about use squirrelmail its better, I have used squirrelmail on one of my other servers, still do in fact, simply because i havent had time to remove it and put horde/imp in.
I'm me. I think.
I know you spec'd Gentoo, but this is a great solution backed by an active user community/e-mail list. It's worth a look.
"It was a summer's tale: Just a boy, his Linux, and a head full of dreams..."
OpenBSD, hardened Sendmail from the default install, and Dovecot. Can't beat it. It just keeps going and going and going... </energizer-bunny>
One good thing, too, about OpenBSD is that it's very, very light on your hardware. I did mail for more users than you're talking about on a P166. Make sure to use SMTP auth with Sendmail, though. And, yeah, I do consulting too. Send me an email if you're interested and we can talk.
testing out my trending skills
I was using Courier which works pretty well. But the configuration is a mess, and there have been some performance issues when using SSL (Outlook Express was ornery, for example).
Switching to Dovecot was pretty easy and I noticed an immediate performance increase. The support of Maildirs is a must-have.
It's licensing issues. The qmail license is completely unacceptable, and the postfix one contains too much legalese. exim is GPL'ed, and they're trying to remove GPL'ed material from the tree, not put it back in.
They've patched sendmail a great deal to make it less vulnerable and make it run in a less monolithic manner. There is an occasional hole, but it's relatively rare.
Aside from that I am using Cyrus IMAP + Postfix on 2 servers running Gentoo Linux. The minimal install is pretty easy aside from the SASL stuff. Nicholas Petrele has a nice series on setting up CYRUS IMAP starting here. He also mentions Communigate Pro which isn't free but the trade for a no brainer install and maintenance might be worth the purchase price.
CYRUS is nice since you don't have to create system accounts, just IMAP accounts. It's also very fast and can handle a huge mail store without bogging down. The biggest problem is administration. The command line tools are rather simple and the web based systems are a cumbersome to configure. Many assume you're using MySQL instead of SASL for authentication.
I do suggest using SSL with IMAP and SMTP. It makes it nice for people out on the road without opening your server up as an open relay. This takes a bit of tweaking but it's worth it.
Finally, don't even think of doing "emerge -u world" on this box without allowing yourself plenty of down time. Updates should be planned and methodical - usually one ebuild at a time. I got into trouble once when some conf files changed for Cyrus IMAPd and Postfix. This was a while ago and I have not had problems since but I'm very careful with my upgrades now.
Oh yea. Check out Squirellmail. There's an ebuild for it. It takes very little to set it up and it's quite nice for people on the road. People will think you're a real stud.
It's licensing issues. The qmail license is completely unacceptable, and the postfix one contains too much legalese. exim is GPL'ed, and they're trying to remove GPL'ed material from the tree, not put it back in.
It's more to do with old school unix purism wanting to support all sendmails features, and the fact they've invested a shit load of effort auditing and patching it.
But as you say Qmail and Exim are non starters license wise (the OpenBSD team don't have a problem with the Postfix license anymore as far as I know). Postfix is a simple drop in replacement for sendmail on a BSD system that uses mailwrapper (ie OpenBSD, and probably the others).
Oh, really?
I stand by my original post stating that the licensing is the issue. Unless, of course, Postfix has adopted a proper BSD license in the two months since that posting.
That's what we settled on. The entire rest of our world is Apple PowerBooks, iBooks and Gentoo boxen (except the internal web server -- it's an old RedHat machine).
We tried and tried and tried all the other IMAP servers, since we had to support Outlook XP, only UW-IMAP seemed to work with TLS and Outlook.
I would not want to run Gentoo on my mailserver. I want fast, fire and forget. I love Gentoo and OS X on my G4 PowerBook, on my desktop and even in the server and testbed farms.
Not email.
Not for a while.
BTW, did I mention that we dropped it into a pre-existing environment that already has a proper DMZ amd automated, network backups (AMANDA)? To DLT? These are things you'll want to seriously consider since email is important to you, after all.I stand by my original post stating that the licensing is the issue. Unless, of course, Postfix has adopted a proper BSD license in the two months since that posting.
You're right, I must've misremembered the relicensing of tcpwrappers (not Postfix) during the license audit a while back - hence the "as far as I know" bit. tcpwrappers license probably wasn't the product of IBMs legal dept like the Postfix one is.
I still maintain that OpenBSD uses sendmail by default for non licensing reasons though (ie features, and being audited/patched). If Postfix or Exim was changed to a pure BSD license they would still use sendmail for their own technical reasons. They've had issues with sendmail licensing in the past too according to Theo (the June thread).
I have tried over and over again to switch to Cyrus from UW-IMAP and have finally decided that I have no need to do so. UW-IMAP is written by the guy who wrote the IMAP protocol, Mark Crispin. For all means and purposes it is the definitive IMAP server. It is extremely simple to setup, can scale up to tens of thousand of users, and supports every mailbox type you can think of. It also supports SSL with very little configuration. The O'Reilly IMAP book is a good guide to it (and to IMAP in general).
The one thing you really must keep in mind with UW-IMAP is not to use MBOX. The MBX format, on the other hand, is high-performance and very powerful. The maintainers of UW-IMAP have kept MBOX as the default for years now, but once you get past about 50MB of mail in a given folder you end up with problems.
My advice is to look through ALL of the docs to learn how to modify the source code. The docs are scattered in random places but they do contain most of the info you need to become a relative expert in UW-IMAP.
All in all I am very happy with UW-IMAP. I have been running it on Gentoo forever now (though I don't emerge it, I compile it myself) alongside Sendmail and Procmail and have never, ever, ever had a problem with it. Months of uptime, broken only my physical server moves...
FWIW, I'm running Cyrus/Postfix/SpamAssassin, and am very happy with it.
If you take a look at Managing IMAP, you'll get a good comparison of the major IMAP players.
Siggy Wiggy Figgy Tiggy a bana bo Biggy!
Buy a turnkey solution. One platform that I have had lots of luck with is Mirapoint. They have boxes to fill every need from small boxes up to large enterprise installations. When I worked at Cisco they had over half their email on Mirapoint boxes. They had a few IMAP issues several years ago but after I gave them the problem description, client software information, and a reference to where they were not following the RFC's they came out with a patch in fairly short order.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Microsoft Exchange
What... why is everyone looking at me like that?
I'll suggest CommuniGate from Stalker too. It's a really nice package. Amazingly robust and an easy install.
The webmail is unbearably ugly out of the box but it is easily skinned and the EudoraLook system is fantastic.
They have a MAPI connector and their LDAP is alleged to play well with others. The calendar supports iCal and vCal. They have pretty good clustering support. It is a fairly powerful package that scales down well.
Plus the user community is kind and helpful. Good stuff.
The downside of CommuniGate is the administration interface. The program has a lot of features but finding and configuring them is not always easy.
For five users I would go with nothing. Outsource it. Why maintain a server for five people unless you want to use that server as a learning environment. If it is a learning environment do you really want to use a production machine?
Good luck,
Dan
Have you considered Suse Open Exchange?
I'd keep all of the exchange zealots happy, and is significantly cheaper than exchange.
(I don't work for Suse)
Alex
Nearly 10k users, smtp box using sendmail, ldap with iPlanet on another and Cyrus on another box with the pages coming from the Web server pool. Except for the Web servers they were all two and four way SPARC/Solaris boxen, but it could easily (perhaps more easily) be some Linux boxen. We used horde for Webmail. If you don't have that many users you could do it all from one box. It took three of us a couple of weeks, counting planning and testing and hacking horde to work with our auth and template system.
My personal box now runs Redhat with SquirrelMail and uw-imap. I was a great deal easier to install and configure but I doubt it could support more than a few hundred users in this config. I put that up in an hour or two one afternoon.
You may to look at jobbing this out. Doing full time mail will take some experienced staff. You're still going to have to administer it as well.
Good luck.. Have fun...
I found myself in a similar situation to yours a few weeks back - no real interest/expertise with email, but I had to get an IMAP email server working fast.
I used Postfix on top of Mandrake, and put Courier on top of that. It works fine; there was no significant setup required; it worked straight "out of the box" and hasn't missed a beat since.
Others might be better - I didn't check - but Courier is certainly good enough for me based on this one experience with it
Don't forget that you can look beyond you own ISP and can easily choose any within your own country. A friend of mine dropped her up-front costs about 60% by outsourcing IMAP to a local telco. Client support costs dropped from around an hour or two per week per client to nearly nothing by switching mail clients at the same time.
You could probably even go with an established, reputable center outside your own country if it meets your needs. (Last year I cut one cost by 95% by doing just that -- geographical proximity does not necessarily mean the prices will be close!)
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
Huh? Neither of them come with built-in IMAP servers, which from where I'm sitting is a good thing... they deliver mail, and that's all they do, leaving a proper IMAP server to the job of doing that.
From the kroupware site:
I work for a major university with seven campuses and email supported centrally.
We currently support 180,000 users across 6 four way sparcs. We are somewhere close to 2 TB of mail data. We've been running with an average of 1 unscheduled downtime per year over the past five years.
We use sendmail + cyrus, with a few minor modications. We have no plans to move away from the cyrus imap server.
Cyrus (once set up) is a dream to take care of. Writing scripts to handle mailbox administration is done in perl (previosly in tcl) and you can set PAM up (or pwcheck if you are old school) to handle any authentication you need. There are web tools to do manual administration (check freshmeat.net) but in our environment, we accept account requests from a different department, and simply use a script to generate the account.
We run a modified Horde IMP with the UP imapproxy to handle webmail connections.
We currently average about 4 thousand concurrent logins to the IMAP servers themselves, across all clients (web, desktop, some pine, etc).
The current cyrus release will support a murder of IMAP servers, allowing you to use one namespace for multiple imap servers (you can spread your userbase across 15 imap servers -- imap1.domain.com to imap15.domain.com but only tell the clients to connect imap.domain.com) allowing you to add or remove machines from your pool by just moving the users from one machien to the next.
Over the years, we've tested UW, Courier, and various commercial IMAP implementations, and none has touched cyrus in terms of speed, reliability, and ease of administration. UW, even with the better mailbox drivers, is still slower, and generally (unless dealing with the MH driver which has its own limitations) still deals with everything as a single file, leading to some memory issues if you have several thousand users with political pull in your organization that don't want to delete anything.
Courier's maildir implementation also has problems with large mailboxes, as header indexes are generated from the mail data rather than cached, causing all files to be touched.
I understand that dovecot has taken a hybrid approach, caching header information while still using a maildir store. If header information is cached on local disk, the store can still be mounted via NFS. It is a good model, but we've found that IO is the bootleg in large email installations. NFS mailstores would give us flexibility with regards to redundant imap protocol servers, but the resource we are most trying to conserve (IO bandwidth) is still bottlenecked (theorectically at a single server IO throughput, realistically at NFS throughput speeds).
There is another project, dbmail (www.dbmail.org) that uses mysql as a mailstore. There are many gains possible using a database backend, but drawbacks as well...recovery of small amounts of data from backups is one. In any case, dbmail is not as mature as either UW or cyrus.
Mark Crispin (author of the IMAP protocol and the UW IMAP server) has said that cyrus is the race car of the IMAP world. Built for high performance -- the ease of administration is just something you get from free.
We run Courier on FreeBSD and Debian for our non-Exchange accounts. All of the servers really do have their own merit. I'd give you a lot of good reasons, but they really end with "it's the one we picked." Not a ringing endorsement, huh? But we are very happy with it (plus Exim + Squirrelmail + Spamassassin).
. ht ml
a il dir_imap.shtml
Here's two good guides:
http://ezine.daemonnews.org/200308/courier-imap
http://talk.trekweb.com/~jasonb/articles/exim_m
Both are easy to follow, and managing the mail store is as easy as managing filesystem space.
However...
I'm going to echo two other comments and add one other option:
1) pay someone else to do it
I know, you don't get control and don't learn about the software firsthand. If those are must-haves, skip to #2. If they aren't, even Oracle offers hosted solutions.
2) Communigate Pro
We looked at it, and we liked it a lot. It's pretty cheap, very mature and it runs on just about any OS you'd want (including my beloved FreeBSD). You can go get a fully-functional demo to run indefinitely with 5 users. The admin interface is complete if not stellar, and that's something that few of the other solutions mentioned will get for you.
3) Merak Mail Server (as a true wildcard)
It runs on Windows (egad, I know), but consists of open source pieces. And, it is obscenely affordable.
http://www.merakmailserver.com/
Amateurs discuss tactics. Professionals discuss logistics.
It stores mailfolders in a single file, i.e. a folder named INBOX is just a file called INBOX, and the Sent folder is a file called Trash.
:)
While this may be OK for simple mail storage, it also means that simple things such as subfolders is out of the question (thus making it virtually impossible to work with for people like me, and NO I will not resort to naming folders something like mailinglists-mailinglist1
At home I use Cyrus IMAP without any trouble whatsoever. As far as Outlook XP is concerned, all I had to do to make it use SSL to talk to the IMAP server was checking a checkbox saying "Use SSL"
Woah! Are you basing your comment on how you feel, or how the OpenBSD team feels? Because if your feelings on qmail reflect that of Theo DeRaadt, I'd be pretty quick to dismiss them. DeRaadt and DJB have had a long history of conflicts. In both cases, these are opinionated, adversarial guys -- and I take what they say with a grain of salt. As far as licensing issues with Qmail, some would consider it a strength (central ownership the final distribution from start to finish). Further, one could make very similar coments to yours about the viral GPL (or, for that matter, the BSD license) and be about as right as you -- but that would sound a whole lot like MS and/or SCO -- know what I mean?
-Turkey
Right on target. I promise -- if you use Gentoo for long enough, you will encounter problems. That's not to say anything particularly bad about Gentoo -- I love it, but it is bleeding edge. It's like having a homebrewed Linux distro...and that's how I'd consider it for a production environment: when I have a large enough team to properly support and test it. For business use, go with the big boys, RH, Debian, or SUSE.
Most folks don't have this choice. When your EU demands Outlook, you're stuck with Outlook. This is how I ended up running IMAP at my current position. The point is, it's a bad idea to dictate this kind of stuff to your EU's. These are the people who you work for. Alot of admin-types tend to forget this.
I run SqWebmail here for the webmail types, and courier-IMAP for the Outlook/ types. It's an adequate solution for what my users demanded.
-Turkey
Also, Squirrelmail plugs right into this architecture (I know, I run it, as do my friends). Throw a little OpenSSL goodness at it, and you have secure webmail on top of a very stable IMAP/SMTP platform. Judicious use of reiserfs will also provide big wins with large Maildirs.
I want to delete my account but Slashdot doesn't allow it.
UW-IMAP is great, if you're running a small organization and like to run garbage.
Try anything that supports the Maildir format, like qmail or Courier-IMAP. At my current job, we use qmail for SMTP, POP, and IMAP, and it works well. I don't really like it, but it gets the job done.
At my old job, we used Courier-IMAP and Postfix. This matches my at-home setup pretty closely, but they one-upped it by using the IMP webmail client, available at www.horde.org along with a whole slew of other web-based apps.
IMP is nice. It's in PHP, it's very slick, and it does everything fairly nicely. That said, it can be pretty slow.
The key part is the Maildir support. One message per file just makes sense. Locking issues don't exist, NFS suddenly becomes an option, and shared accounts are viable.
My distaste for qmail is just a personal opinion, though. It's a solid package, I just don't like half of djb's stuff, as it feels like it's reinventing the wheel, then adding said wheel to an already working car without removing the old ones. If daemontools were a full replacement for init, I'd be more interested, but so far, it's not.
Raptor
"Procrastination is great. It gives me a lot more time to do things that I'm never going to do."
First of all, I want to say I agree with the people for you to just outsource it. Email is just too much if you're going to handle it by yourself (I'm assuming you have other computing duties).
Or, why do you have to go with IMAP? What about POP3? James (http://james.apache.org) is a nice mail server, easily customizable too if you know Java.
It's fun to be able to "do-it yourself". But unless it's critically necessary to run your own email server, I recommend against it. There's alot to know to be able to do it right. And, unless you have a large user-base, or you have a critical need to run it yourself, I would recommend outsourcing it.
If you can't outsource it, I would highly recommend RH + CommuniGate Pro. They have a top-notch product with everything (SMTP/POP/IMAP/WebMail/LDAP, etc.) integrated, and easy to use. Highly recommended!
I run the Cyrus IMAP server with the Cyrus SASL security libraries, in tandem with Exim as my MTA, and Squirrelmail as a webmailclient. This has been running for some years now, and from what I can recall, the configuration was straightforward and minimal.
The documentation is good, and there is a Cyrus Linux howto at tldp.org. I love this setup, it allows me to read my e-mail with any IMAP-enabled client from any place. Cyrus also supports SSL, if you want it to.
This combination works well for small organizations; I use it and have set it up for clients under Red Hat, and would be happy to help.
I love and use Gentoo on my own desktop, but it's a bit too bleeding-edge for a mail server.
Things like:
how many users will you be supporting
expected traffic volume
What are you using for smtp? sendmail/qmail/whatever
Which web client are you using?
I hired a consultant earlier this year to move our 1,000 user Red Hat based email system from sendmail to qmail, install Courier imap, and horde/imp for web access. He charged about $3k.
This included migrating all the existing mbox format inboxes to maildir. Money well spent. Everything works well and best of all -- I didn't have to do it
When it comes to IMAP servers, there is a near inverse relationship between setup simplicity vs. the ability to handle large amounts of users and mails.
/var/spool/mail/$USER, other mailboxes are single files in $HOME/Mail). The most common mail delivery agents (sendmail, exim, postfix, procmail...) all use this format by default.
The simplest IMAP servers (e.g. UW-IMAPD) use the traditional BSD mailbox format (Your INBOX is a single file in
The problem is that storing all your mail in a single file is not very scalable. Once you have about 1000 messages in a mailbox, that mailbox becomes painfully slow to open. It is also a bit kludgy - basically, if a line in a mail message starts with the word "From ", then that line has to be altered (to e.g. ">From ") so as not to represent a new message.
The next step up in terms of scalabilty is to use the "Maildir" format, invented in QMail and now supported by a number of different MDAs and MUAs. If you use e.g. Exim or Postfix as your MTA/MDA, then a simple configuration change is all that is required to get mail delivered into $HOME/Maildir, using the "Maildir" structure. In this case, you would use the Courier servers (courier-imap, courier-pop3d, courier-imap-ssl, courier-pop3d-ssl) to provide IMAP/POP3 access. Also, MUAs such as "mutt" understand this format natively, so you can access your mail directly on the server without going through IMAP. (Of course, "mutt" can also read mail via IMAP).
Finally, the most complex to set up, but _superscalable_ w.r.t. number of users and mailbox size, are the Cyrus IMAP and POP3 servers. The Cyrus suite uses its own mailbox/folder structure, not compatible by any other software. (Like the Maildir format, each message is stored in a file, organized in subfolders representing the IMAP folder hierarchy. Message header/indexing information, however, is cached in a super-efficient format). One other advantage (that causes some complexity w.r.t setup) is its use of SASL for authentication - so users don't need user accounts on your server.
The trick is to get your MDA to deliver mail into your Cyrus folders. Cyrus provides a utility for this purpose, "cyrdeliver". One thing is to set up your default MDA (e.g. Exim, Postfix) to use "cyrdeliver" - another is to educate everyone who use "procmail" to filter their mail into subfolders in how to write appropriate ".procmailrc" (Procmail Run Control) files.
Personally, I use Cyrus on a Debian system (with a 266MHz National Semiconductor CPU). It opens HUGE mail folders (My "debian-private" mailing list folder contains some 10000+ messages!) within 5 seconds or so. I use Exim as my mail transport agent, mainly due to the sa-exim (SpamAssassin at SMTP connection time) plugin, and its built-in support for mailbox-filtering/forwarding a la procmail. Thus, I had to write some Exim delivery rules to use "cyrdeliver" both for INBOX deliveries, and to support mail sorting/filtering via "cyrdeliver". If you are interested in these modifications, send me an e-mail: "tor" at "slett.net".
We're using Courier and it's been wonderful. It also has SSL components such as Courier-SSL which work nicely if you want your email to make it to your inbox nice 'n safe :-)
If you love scripting and programming with the way your mail is displayed and organized you will love to read your IMAP mail in Zope and especially in Plone.
Less is more !
m
testing out my trending skills
If this is a company email server and there are costs associated with install, configuration, admin, then consider plunking down some cash. CommuniGatePro (from stalker.com) runs on just about any platform out there, is very solid, a bazillion features, and once you have it in place (very easy if you have a good understanding of email fundamentals) you can turn account admin over to HR...or even the receptionist. SSL, webmail, etc.
I don't work for Stalker, but I'm a good customer and a big fan. $499 for a 50 user. I run it in conjunction with MailScanner for piping through Spamassassin & Clam AV.
Sure, OpenBSD has got a great security record. But, Sendmail!? It has got a record that make it look like it was made by a certain company in Redmond!
Use something like Qmail or Postfix (made by the man behind tcpd).
Two points:
1) You missed my retraction/comment above about confusing the Postfix license with tcpwrappers. Although why you quoted that bit then went on about Qmail is a little baffling.
2) re Qmail, WTF are you talking about? All I did was agree to a point that it's license and the stated goals of OpenBSD were incompatible - is that not the case? I made no judgement about the validity of either side.
I don't know what kind of volume it consists of, though. It should be around 10 business emails per day per user, plus 100 spams per day per user, plus 100 misc. in total. So, maybe a grand total of 650 emails per day?
Our present SMTP server is being handled by someone else, so I don't know just yet what we have. I have courier installed on a test server.
We don't have a web client set up. I just use Yahoo! to read email, if I need to use the web interface.That's interesting. Why did he choose qmail?
testing out my trending skills
That's interesting. Why did he choose qmail?
I chose qmail. We are expecting to go to about 8,000 users over the next year. I wanted something that was bullet proof from a security point of view. (there is a $10k reward if you can find a security hole in qmail) I work at a community college. Students love to hack.
From the numbers you mention I would expect almost any product will handle the load. Also with 10 users it is not a real problem to visit each workstation for setup.
I would like to confirm that I understand what you are saying in the remainder of your comment. Are you saying the following?
Cyrus doesn't provide an option to make use of the maildir format even if we wanted it to do so
we should try to make use of the Cyrus format, no matter what
Exim & Postfix don't deal with the Cyrus format, nativelyCorrect?
Also, are you saying that mutt can actually create a psuedo-IMAP feel when dealing with POP3?
testing out my trending skills
You asked for opinions and experiences, and when finally provided with detailed information from someone who is heavily experienced in the matter, you tip your hat saying that you are going with this other one that you had planned to use all along.
You can't provide any technical or experienced based reason why you have made your choice despite being contrary to that of the professional's recopmmendations. Instead you respond with an emotional and false response of easier setup. YOU ARE AN IDIOT and you deserve all of the problems that you are about to bring on to yourself.
In case you failed to read his post he said, quite clearly, that Cyrus is faster, more reliable, more scalable and easier to administer than Courier. So you choose Courier. Good choice, Assshat.
That is correct. If you want to use the Maildir format, you'd want to use the "Courier" suite.
we should try to make use of the Cyrus format, no matter what
Not really. It is the most scalable format of the three, but (again) the problem is that it is unique to Cyrus, and that you need to use the Cyrus tools to access your mails (delivery and reading).
If you don't have such extreme performance/scalability demands, then Maildir is probably quite feasible, and it does have the advantage of being better supported by various mail software (Exim, Postfix, Procmail, Mutt, Courier-IMAP/POP3, QMail, etc..)
Exim & Postfix don't deal with the Cyrus format, natively
This is correct. Basically, you'd configure them to deliver mail via the "cyrdeliver" utility.
Also, are you saying that mutt can actually create a pseudo-IMAP feel when dealing with POP3
That I don't know, but I doubt it. POP3 is a protocol for downloading mail, not for managing it remotely on a server (like IMAP). It also has the limitation of dealing with a single mailbox (your inbox), not multiple folders.
Mutt can of course read mail from any IMAP server (including Cyrus), by using a folder name like "{user@server}mailfolder" ("mailfolder" can be omitted, defaults to INBOX):
I forgot to mention one more advantage that both Courier and Cyrus have over UW-IMAPD (and other BSD-mailbox based servers): The presentation of the IMAP namespace.
With UW-IMAP, "INBOX" is your mail spool file (/var/spool/mail/$USER or similar). The list of other available IMAP folders is collected from every file within your home directory. So, unless you configure your IMAP client (like Outlook Express etc) to look only within the "Mail" subdirectory, then all your files are presented as mailboxes. For instance, you will have an IMAP folder named ".bashrc" if you have such a file. (Of course, it will fail to open this file as a mail folder).
With both Courier and Cyrus, your IMAP folders are presented as sub-folders of "INBOX". So, you may have "INBOX.Sent", "INBOX.Draft", "INBOX.MyMailingList", etc. Naturally, you will only see real mailboxes (for instance, Courier will only look for Maildir-formatted subdirectories inside $HOME/Maildir; Cyrus maintains an index of your mailboxes).
Good Luck!
-tor
I thought that most web pages used client side image maps now. Why do you need server side image maps?
(I am an email administrator)
Here is the mix you want... though you didn't say how your user info is stored.. so I'll assume ldap.
- Postfix with ldap lookup tables for mail routing
- amavis-new with spamassin + sql (or ldap) for
per user white/black lists and scoring
- cyrus imap taking delivery via lmtp from postfix
and running saslauthd against whatever sort of
backend you have to authenticate users (flat
file,ldap,sql)
- Squirrelmail for webmail
- up-imapproxy to soften the blow caused by any
webmail system
In my setup I have a pair of failover LVS load balancers out in front of a pool of postfix systems.. they handle antispam measures and mail routing and I can adujust the volume to each as I need to. Cyrus may not be the easiest thing to setup... but it's worth the effort. I'd suggest hiring someone who does this all the time to implement it and show you how to maintain it.. if you don't have the time and resources to learn on your own. I took the extra time to do a distributed network stress test on this setup before putting it in production and it's never had any serious issues.
Every normal man must be tempted, at times, to spit on his hands, hoist the black flag, and begin slitting throats. -HLM
Regarding (2) -
I don't want to *reconsider* using Ms Outlook. That would be a step or two backwards from the Mozilla we use, which comes with fine IMAP support. The centralized-storage, universal-access model of IMAP is a very good reason to use it, with a good variety of clients available.
FWIW, we only have a small network, but UW IMAP has worked well.
Even though I'm a Gentoo fanatic I would recommend using Clarkconnect(www.clarkconnect.org based on Redhat 7.3) for testing. I installed this at a business several weeks ago(first ever email server I installed) and it was alot easier than I thought, I even got a Webmail interface up and going. If you want a easy to use interface for it I also recommend Webmin for administrating it unless you are really into command lines that is.
I've used E-smith at home for three years now. It's all web-based configuration once the initial installation is done. It provides IMAP (I think Courier, but I could be wrong), webmail (IMP-Horde), POP3, SMTP. VERY easy to setup - I was by no means experienced with Linux or email servers when I first set it up, and it's only gotten better with maturity. Plus, for a few bucks you can order support services which include secondary MX services. The latest version is based off of RedHat 7.x I think.
I have no relation to the folks at e-smith, I'm just a happy user.
Currently version 6 is in beta, probably to be released real-soon-now, and it includes the dovecot IMAP server. This is proving to be a champ of an IMAP server, particularly when integrated with the e-smith automation. It runs great on even low-end hardware, is proving robust yet easy to manage; a real winner.
My suggestion is to download a copy and take a look. Also check out the add-ons that take advantage of the e-smith templating & web management systems. There's even a marvelous set of Lazy Administrators command line tools for making bulk changes to accounts and settings. For a nearly turn-key solution it is quite impressive.
For those looking for support Mitel has a commercial version of e-smith called the Mitel Networks 6000 Managed Application Server which offers more groupware features and other nice things.
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I wont bother either.
Cyrus is a very good IMAP server, but if you use it,
you must keep up on the mailing list, and start by
reading the recent archives -- the documentation is not
enough. Also, the O'Reilly "Managing IMAP" book is fine,
but it covers a very old and different Cyrus version.
They're pretty good at picking the best-of-breed open-source apps - presumably they spend some time on these decisions since they're going to have to support them millions of times over.
Anyway, maybe you just want a Panther Server so you don't have to spend as much time on it.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
I have been using Courier for over two years now. No remote roots ever or problems of any kind (I am amazed!). It's open sourced and a full package (esmtp, pop, imap, webmail and a thousand other things). It gets my vote.
I used it for a couple months because I wanted to have Maildir type mailboxes and wanted an IMAP server, it would crash all the time and give me all kind of troubles. I then switched to Binc IMAP (Binc is not courrier), which claim to be better than Courrier, but it was actually worse. It wouldn't last one week without crashing and send a lot of junk in syslog. I finally settled for dovecot with qmail. I have been running it for 6 months now without any problem.
have a look at http://www.bincimap.org/
first of all, for those that think qmail is a pain in the ass to install, qmail-conf takes all the headaches out of configuration.
http://www.din.or.jp/~ushijima/qmail-conf.html
Secondly, I've written a command by command howto for qmail
http://www.killerfocus.com/howto/qmail.txt
Thirdly, if you want an all-in one solution, instead of installing Courier-IMAP, you can install the whole Courier Mail Server. It includes pop, imap, webmail, webadmin and optionaly SSL on everything.
I've installed several Courier-IMAP servers on very loaded systems and they always worked like a charm.
.
Courier-IMAP is simple to set up, yet extremely configurable and easy to customize for special needs (especially when you need a specific authentication backend).
It supports IMAP over SSL by default and the package also includes a POP server. So setting up a POP/IMAP/IMAPS server is simple, using only one software.
No compatiblity issue even with picky clients.
The Maildir format is a plus and it integrates very well with Qmail and Postfix. What else to expect?
Dovecot is also very nice. Not as flexible and feature as Courier-IMAP, but I use it on a personal server and it works very well so far.
I tried Cyrus, I just hate it. SASL is silly, why reinvent the weel? Cyrus is an horror to configure and the documentation rather sucks. The code is spaghetti. A bunch of remotely exploitable vulnerabilities have also been discovered. And it uses its own format to store mails, that is just incompatible with everything else and that doesn't scale (what happens when you got more that 32k subdirectories on an ext3 or UFS partition? Nothing works any more)
{{.sig}}
Outlook Express has outstanding IMAP support. No, I'm not kidding and yes, I know this is /.
But I can't find another win mail client that works better for a large IMAP mailbox.
(Outlook horks, btw, only Express works)
Looking for freelance Actionscript (Flash/Flex) or ColdFusion work and/or freelance developers. Email me, put Slashdot
[n/t]
Most of the packaged solutions are either unattractively expensive (if commercial) or unattractively difficult to manage (if open source). The open source solutions tend to be extremely bad at integrating inbound mail management with outbound mail management. We developed a database-backed e-mail store and integrated it with postfix (front end) and uw-imap (back end) as it was easier to write the code for that than work out how to deploy the stuff out of the box with "virtual" users. Outsource it and forget it (Tucows has a really cheap solution...)
Hope the fellow in Australia doesn't mind a mild Slashdotting, but I found this very thorough HOWTO on a possible setup for you. It consists of RedHat9, Postfix for SMTP, Maildrop (not procmail) for delivery, and Courier-IMAP for the server.
Can't attest to its accuracy (haven't followed it), but it might be a good guide.
Look at the tomato! Isn't it sad? He can't dance! Poor tomato!
Yah, you're right. I don't know where the hell that came from. I must have been reading is as opinion instead of "the way it is". What can I say? My foot's in my mouth.
--Turkey-Turkey