Slashdot Mirror
Best Way to Handle Email for a Small Domain?
CorkBobbingInTheSeaOfLife asks: "Our company just had its bi-annual email crisis/outage, so my boss wants to try something new -- to give me the 'opportunity' to figure out and implement a better way to host our small domain's email. We've changed hosts a few times, but whether we spend a little money or a lot none have been as reliable as we've liked -- companies fold, get blacklisted by AOL, and so forth. Is there a way to be smart about this, without hiring a dedicated email server pro? Do reliable email hosts actually exist? Should we run 'email appliance' software (such as ClarkConnect or E-Smith) on our own server? I'd appreciate any tips here - hell hath no fury like people without email, and I am very afraid..."
Sometimes the "simple" answers are the best. Yes, run your own email server. It doesn't have to be E-Smith, you could run your own flavor of *nix. Set up Mailscanner/SpamAssassin/[Generic Virus Scanner] and your users will be fairly safe and happy.
/bin/false.
You can also set up something like OpenWebMail and allow them to access email from the web. Even via HTTPS, if you like.
Further, if you have an INTERNET outage, your people IN OFFICE will still have access to their email accounts. That translates as no immidate "I cant access my email" whines. And if ARIN.net lists your company (or you) as the authority, you can PERSONALLY deal with any major ISP to resolve blacklistings. I've had RoadRunner, AOL and ATTWORLDNET blacklist a series of IPs within which our email server happens to reside -- each of those were resolved within 24 hours.
Important Notes:
Be sure (PRACTICE!) that you know how to back up and restore your system.
Unless they NEED shell access, point all users to
Shut off EVERY service you do not NEED.
Cheap/Easy IDS: Personally, I like portsentry + SSH on non-standard ports. Your system would need to be scanned to find your SSH server... and portsentry would ban IPs trying to scan. It's not 100%, but will keep out the script kiddies.
We use DreamHost for our web and email hosting. They're cheap, the plans offer lots of space, functionality, and bandwidth, and we haven't had any problems with email or web downtime in the three years we've been with them.
This space intentionally left blank.
My recommendation would be to run a QmailToaster from http://www.qmailtoaster.com/. I've run this for three years, it's very simple and easy to use. There are scripts that will install the entire setup from beginning to end.
Then you can get a company like postini or dyndns.org or something to act as a backup mail server in case yours is down.
I'd recommend joining the QmailToaster mailing list first, to get a feel of the community.
Can I get an eye poke?
Dog House Forum
If you're less 50 users, might just want to consider bringing the email in-house. Find a server that can stay up, install BSD and Postfix on it, and you're good to go. If you want windows, go with Windows 2003 server and a copy of Imail.
Don't want the job of handling email? Handyhosting has been relatively trouble free for 3 years now. I've also had good experiences with Linkline at my former job.
...in bed
Get everyone a gmail account, and forward their old addresses to there.
.sig including the business name, phone, etc.
The price is free, the features are good, and the drawbacks are negligeable if you set everyone up with a good
The unofficial
If you are familiar with MTA's, MDA's etc, the the solution is definetely to host your own, and have a backup host on the net as a relay, just in case your box/connection go down.
Keep in mind tho, that instead of blaming XYZ email hosting company, that you will be the focus of blame for any outages.
Otherwise, find a place that will give you a service level agreement for how many ever 9's management is willing to pay for.
There are other requirements for any mail solution you'll ignore at your peril:
- Backups - Make them and test them
- Virus Scanner - Even a Linux house needs to worry about Macro Virii, etc.
- Spam Filter - Sometimes comes with the virus scanner
- Firewall - You need one anyway, make sure it's not based on the same OS as your server
- Data center environment, such as cooling, conditioned power, physical security are all good things to have
- Backups - Make some more, test them again
--Mike--It would rock if you could simply point your MX records at smtp.google.com and let them do the rest. We get a great webmail, Google gets loyal customers.
Qmail is a good place to start, seems to be easyer to configure than sendmail. Qmailrocks.org has a nice set of instructions.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Although you'll get made fun of for not knowing everything there is, qmailrocks.org offers fairly simple instructions on setting up qmail with ClamAV and Spamassassin.
If you know nothing about mail you can learn enough in a few days to get qmail up and running. The mail list and forums are highly active and full of people willing to help you.
As outlined in earlier posts, you have quite a few options when it comes to email service.
You can have it hosted. This is probably the easiest option. It sounds like you've had some bad experiences with this, and may be wary of it. You will have the best luck going with larger, more established hosts that embrace modern technology and have a strong, well documented, and well enforced AUP (that bans all kinds of spamming).
The second option has also been mentioned. Run a small Unix-based email service out of your office. This is probably the cheapest option, and depending on whom you compare it to, day-to-day management and troubleshooting can be quicker than a hosted service.
The third option is going to be an unpopular one with the Slashdot crowd (and in some cases, understandably so). Check out Microsoft Exchange (try the one bundled with Small Business Server). There are other groupware applications out there, and some (like Novell/SUSE's OpenExchange) are worth consideration...but nothing is Exchange. If you're already a Microsoft shop, you should definitely consider it as it integrates well with the MSFT software that you already have. Of course, it's budget dependant (and is an expensive platform to use). In your case with a small shop and limited experience, I would have a third party come in and set it up for you, and sign up for a service contract.
For an end user (especially management types), Exchange has every feature under the sun. It would help if you identified your goals (specifically budget and featureset desired) and then decide on what product is best for you. However, I would advise you to leave no option off the table, even if you have personal issues with the software. Also, all of these options are available as hosted solutions. However, it's important to weigh out both the benefits and drawbacks to hosting. Benefits are relatively obvious, and some drawbacks are that you lose control over your service, and certain quick tasks (like a password change) can take hours or even a full day for them to get around to.
-Turkey
What's wrong with the above person making a commission? Well, absolutely nothing. You make it sound like telemarketing or something, when it's not even in the same ballpark. It's not like the end user gets a lower price. There is nothing ethically wrong with affiliate programs. Move on, spend your time grousing about things that matter.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
(redundant, but concise)
Most of your out of the box solutions will do well for you. If you're under budget constraints, or just want the reliability of an "appliance" (after it's all configured and running) any of the downloadable *nixes will do you well. Debian (my pref), Fedora, or *BSD, for example, include postfix for the SMTP portion, a selection of IMAP and POP3 services to choose from, various web-mail interfaces, etc... right out of the box (or I guess ISO).
If it were me (and it has been), I'd go with Debian/postfix/courierIMAP, then once running, add things such as Webmin for easy browser-based management. Then add something like squirell mail to get the oohs and ahs from the users. From here, you can choose from a multiple of providers for an e-mail "Store-n-forward" service to get and hold your mail if you have an outage. If ~they~ have an outage, you're the primary MX so you won't notice. If you're both out... well, that's a bigger problem.
The safety net here is that if your storage provider of choice decided that they don't want to be a company anymore, you change providers, the users are not involved. If you have catastrophic failure, your mail is being held (and may be accessible) until you put "something" online to start your service again. You will also be able to setup and run your local e-mail, then shop for the outside provider.
--- no sig to see here... move along.
I can't answer your main question, but i'd advise against E-Smith. It's a nice product, but the community around it has degenerated to a point where we've decided to move our small company server to Fedora or something else generic.
It's a shame, as it is a nice system for small companies. What's ClarkConnect like then?
I havent seen it mentioned yet but Lotus Domino srait out of the box is fairly easy and has many after market products. Lotus also has a large user/admin community. It is pricy though.
I would suggest RedHat or CentOS running CourierMTA http://www.courier-mta.org/.
The standard Courier bundle has everything you need for a mail server (web administration, webmail, imap4, pop3, TLS/SSL, filtering, mail lists, fax support, etc...). If desired, all you need to add is SpamAssassin and a virus scanner. I have been running this combo for years with great results.
-Nathan
How many small companies out there that simply have their employees use AOL for the company email? Even when they've paid for web hosting for their own domain? Too many, that's what!
Damien
The problem, as seen in the Book Reviews section all the time, is that people spam the threads with "recommendations" just so they can get their referral fees. Does this guy really like the service, or is he just trying to get a few bucks?
Try skimming any book review on Slashdot for kaleidojewel's Amazon-whoring, and you'll see why it's a pain in the ass.
DIY
Hosted
I ran my own mail server for my various domains, and have set up mail servers for companies. currently I'm using Fusemail for my personal and consulting email, and I'm starting to think that I would recommend it for most small companies.
The reason behind this is, I don't have the time to do the administration myself. I have other work priorities, and messing around with a server all the time is not one of them. The other benefits are, network synchronization of calendar, IMAP, server side sorting, and eventually Outlook pluggability (good for PDA users).
You can do this stuff yourself, but it takes time and is not always reliable. The down side of picking an external provider is, when your internet goes down, email is down, even internally. That can hurt a company and your credibility.
With that said, I would look potentially at email service providers (not web hosting providers) for an external solution, and probably exchange for an internal solution with groupware, and other unix solutions for internal email without groupware.
What you need to decide is how much responsibility you want for being the point person on email. If you're already afraid of the result, better to hire a domain expert, and one that's been in business. Get a good SLA (service level agreement), and assure that your internet connection is either redundant or up most of the time.
-- Bird in the Bush: The Renewable Energy Blog http://www.birdinthebush.org
I use a linode.com vps to handle my email. I don't know that it's not a great solution for a company, because it's got a bit of a kludgy feel to it, but for a person with a vanity domain, it's pretty good.
I use my domain registrar's DNS servers, use a SMTP server on the vps to catch mail for my domain, and forward it from there to two places -- a pop account provided by my cable company, and a gmail account.
Gmail is nice because you can configure the "reply-to" address, so outgoing mail acts as if you're sending it from your own domain.
It sucks to pay $20 a month to forward email, there's no doubt about that. But you do have a server -- if you want to do anything with php and mysql, you can, or you can run a vpn, or whatever.
You can also do whatever you want with spam handling, etc.
I had worked in a small company as well, and our attitude was always outsource it for your sanity. Often, when the company's small, you don't have an IT team -- you have yourself and maybe one other person. On top of that, you don't usually have the chance to overlap and both be knowledgeable about all things.
So while there are apparently a lot of people extolling running your own server, I would strongly suggest outsourcing it because there is going to be sometime you're home or on vacation or out at dinner and something happens to the mail server and you can't be reached right away or even just don't want to be reached.
We never thought it was wise for our company to put all responsibility on a single person. It just doesn't provide the level of security we needed.
That being said, I've run a Qmail server now for a couple of years with a bare minimum of issues and I would still choose to outsource for our company's primary email needs. As others have mentioned, you have at least a decent handful of well-established email hosts to choose from, from people like Register.com to USA.net. USA.net can even integrate so you can run your own Exchange server but they provide all kinds of backup services for it. Great if you need the flexibility to manage something specifically geared towards your business but also want the security of an outsourced provider.
Look into what Apple has to offer. Mac OS X Server looks very nice. It will run on anything from an old iMac to a Xserve G5. It features spam filtering, web mail, anti-virus, and encrypted connections.
I haven't used Apple's server products since the days of Mac OS 9. I'm just a fan of their products.
I am armed because I am free. I am free because I am armed.
So you're unhappy with 99.5% uptime.
(assuming that those two outages per year are for a full 24 hours...)
So you're not going to be happy with a solution that involves having someone else do it...
There is no such thing as 100% uptime.
While better than 99.9% uptime hosting does exist,
you're not likely to find one without doing a lot of work, and even then there will still be outages.
There isn't an ISP in existance that will both let a random company do email, and not be on some blacklist somewhere.
Best advice I can offer is to tell your boss that despite the problems you've had with [best service provider to date], there aren't any better solutions available, and you recommend living with the problems, rather than dealing with a whole new set of problems.
Anything else would set you up as the fall guy when email breaks in the future.
-- Should you believe authority without question?
Disclaimer: I work for a _very_ large email hosting company. If you have less than a few thousand users, don't even think about hosting with us.
Your choices will depend on budget and administrative flexibility.
1> Outsourced hosting: This is probably the easiest and cheapest method available. However, it is also likely that if your hoster is primarily a webhost, you will be hurt by someone else putting up bad scripts or software on the same box.
Going with companies dedicated to hosting email is probably a better choice.
2> Running your own server colocated in a datacentre: This gives you full control on the box, and attendant responsibility. If you choose your hosting company properly, you will find that you can email almost anywhere. (There _are_ people who will block even large hosts with very little justification).
3> Do it inhouse: You need minimal business class connectivity (permission to run servers, static IP and proper reverse DNS). Hire someone to setup the box for you, or use an appliance. Using a non appliance box gives you more flexibility, but some more responsibility as well.
What you need to do is decide on
a) What OS/distribution to use.
b) Which MTA to use
c) Which IMAP server to use.
I would go with a well supported Linux distribution (RedHat/SuSE for the commercial, Debian for free) or a FreeBSD 4.x box. My personal MTA of choice is Postfix, with Courier-IMAP doing POP3 and IMAP with webmail served by Squirrelmail.
If you _need_ a web based UI for management, use Webmin.
For spam filtering, SpamAssassin and Clamav for the antivirus. Wrap both these with amavisd-new.
The documentation for all these products is excellent, and plugging stuff in is trivial.
Your (Free) alternatives for MTA are: Exim, Qmail, Sendmail.
For the IMAP server: Cyrus, Dovecot and UW-IMAP.
Some people here recommend a backup MX. I would suggest avoiding the backup MX, since mail is queued for 5 days normally. If you have downtime > 5 days, you have bigger problems.
The cost of doing this inhouse would be in terms of the time you spend in updating packages and reading the documentation.
I can throw myself at the ground, and miss.
Magma has incredible service and support and in my experience is about as rock solid reliable as you will find.
If there has ever been an e-mail outage I certainly haven't noticed it in several years. And I rely a lot on e-mail.
Great anti-spam filtering too.
Three Squirrels
I know the original question said they'd tried cheap and expensive providers with the same results, and this isn't aimed at them; just a general comment:
We run a (low cost) email service, and had a few hours outage on one of our servers recently. Of course, we had worried customers phoning all morning, but the classic moment came when one particularly persistent woman phoned (for the tenth time in the space of a couple of hours), and started yelling again.
"Don't you understand how vital email is to my business!??!" she shouted, to which the harassed support consultant replied: "if it's that vital, why are you only spending ten pounds a year on it."
Not exactly an example of good customer relations, but it does say something about the value of the service: If it really is that valuable to you, then pay the price and get the guarantees. If it isn't vital, then pay less... but don't feel you have a right to get upset when it goes down for a few hours. As with everything else, you get what you pay for.
Provided you have a stable fixed IP, host the e-mail server yourself.
You said you are a small company, but you haven't said what do you mean with "small".
Let's say 500 mail accounts. OK; let's say 1000 accounts.
Your easiest and safest bet is looking for a savvy Linux sysadmin/free lancer to implement it for you. Provided everything is in place (hardware, connection and your VISA card if you don't own an Internet Domain) it won't take more than two days (I'd say 5-10 hours of -relaxed, work). He will do the "hard tricks" (it is not so hard, really, it is only e-mail is VERY visible within a company, so mistakes hurt badly, as you surely now), and then 95% of daily administration can be delegated to you (maybe with the aid of a dirty hacked web interface), or even remotely managed by him (no more than ten minutes a day on average).
I for one do this for my clients, and it is probably the easiest service for me to have them satisfied about. Easy, efficient, secure and reasonably priced.
"Do reliable email hosts actually exist?" you questioned. Of course, it depends quite a bit on what you exactly mean with "reliable" but, yes, they exist to the (definable) extent you need, and it is probably easier and cheaper to hold it within your own company than you seem to believe.
Thanks for the tip. I've had sociological problems in the past with Dreamhost, and it is interesting to know it is still happening.
I don't know how many people you have working under your domain or what business you are in, but perhaps you could consider a move to a forum based solution. If your business does something that would benefit from a community-based forum, I recommend going in that direction.
Just a small-timer's observation, but I have pursued running a mail server for a small web site I run, and I found the process to be defeating in every way. SMTP, POP, and DNS constitute a remarkably arcane way of sending text-based message between computers. Just something in me feels that it should no be this complicated. Alas, it is what everyone uses, so that's the way it will be for a very long time.
I know there's plenty of mail admins running around here that will read this post and want to have a meltdown, because they think I am a moron. I just can't help but believe I'm the only one who feels that mail admining is too complicated relative to its importance to smaller (individual) groups.
Disclaimer: I work for FastMail.FM
Many of the customers we pick up previously used either free email services or an email component of an overall hosting company. The problem being that since email wasn't the primary business of their provider, it wasn't treated with the priority that email users need.
A good place to compare services and read reviews is EmailAddresses.com. There are forums specifically for a few of the bigger dedicated providers there, as well as more general discussion areas, and the owners of many of the services read the forums. While they are mainly aimed at the free services, there are paid services listed as well.
totally nasty
Hosting your e-mail in-house doesn't mean you need an expert on-staff. Find a local consultant who can setup , e.g. linux/postfix/cyrus/mailscanner/clamav/spamassassi n, and show you how to add accounts and manage the quarantine.
Work with him to refine the configuration for your enterprise and you'll have a hot, fast, nearly ideal e-mail system.
It may need a few hours of love every few months for updates but not much beyond that
Oh, and for the love of God, don't skimp on the UPS for the server and let it shut down cleanly when necessary. Why yes, I did just pull an all-nighter because of this.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
I use a multi-vendor solution to this problem. I subscribe to Postini for virus and spam services, which has several benefits. First, they provide spooling services should my email server become unavailable. Second, ALL inbound and outbound email from my domain passes through their server, adding a layer of protection for my email server and the email servers of our customers (should an internal virus outbreak occur). Third, our MX record lists Postini IP addresses, so I am free to move my email server wherever I choose by simply changing the email server IP address in my Postini config. This strategy has also resolved all my blacklist problems. At this point in time, I do happen to outsource our Exchange server to an ASP. Although I haven't had the number of outages you are reporting, I'm not sure I'd recommend the company I use. One item I would add to any contract though - require the ASP to provide monthly backup tapes so that if they are hit by a meteor, you won't lose everything.
Looks like this was posted durings kids' half-hour so I'll un-recline my chair and get my hands on the keyboard...
...
Firstly let's return to the requirements. You say your boss wants something "better" and you illustrate the point by mentioning an "outage". Okay we've got a little bit to go on there. Furthermore you talk about experience with "hosts". Think I might be able to guess where you're coming from here. Think we might be able to discount Linux.
Anyway, I digress: what exactly was getting to your boss? Was it "could not connect" messages that Outlook Express threw up? I suspect that was the big issue. The users aren't to interested in the vagaries of the SMTP protocol; they just want those damned messages out of their outbox. Answer: use a mass-market Windows mailserver like Mail Daemon. A monkey can install this and get it running.
That server should simply act as a waystation. Your main server should be *hosted* - ie in a data centre with fault tolerance, backup, fire prevention, what-not,
This kind of hosting is dirt-cheap. It starts at about a dollar a month and goes up. Get two packages; 90% of 'outage' is simply down to incompetent staff wilfully wiping accounts as opposed to actual technical issues (like thinking payment hasn't been received when actually they botched their paperwork at their end). When this happens you move your DNS over to the other space *immediately*. Get two domains and 90% of the hassle associated with this scenario can be ameliorated as well.
Hope it wasn't too late for me to post this.
This one should answer the "host my own server" question for you...and hopefully give you a smile. http://ars.userfriendly.org/cartoons/?id=20050603& mode=classic
I use Merak mail server. www.icewarp.com Very simple to use. Works great. Big or small.
it's
1. Contraction of it is.
2. Contraction of it has.
Linux Software Raid 1, with 1 hot spare (so 3 HD's total).
Another box next to it for HD HD backup.
Burn a copy of your email nightly (incrementally) try HDUP, good program, easy to use.
run courier with spamassassin, clam for viruses, and you are done.
My box is a lowly AMD Athlon 1700+, I can do a few thousand emails an hour without problem.
If your in need of something a bit beefier than that, then:
Hardware RAID 1, FreeBSD, Postfix.
Exchange is overkill, and overpriced.
I would suggest checking out the "SME Server" distribution available at http://www.contribs.org/ as it is the new and improved version of what was formerly known as the "e-smith server and gateway". A couple of years after Mitel acquired e-smith, they helped transition support for their "developer release" over to the developer community centered around that web site. That group has had some ups and downs, but seems to now be doing some good stuff and on a solid track. It's well worth a look. I use it at home for my small business and it's rock solid.
use a mail-forwarding service to ship it all to Gmail accounts ? :) If you're not that worried about your users sending out corporate secrets or whatever it would solve a lot of the logistics :)