Best Way to Handle Email for a Small Domain? 126
CorkBobbingInTheSeaOfLife asks: "Our company just had its bi-annual email crisis/outage, so my boss wants to try something new -- to give me the 'opportunity' to figure out and implement a better way to host our small domain's email. We've changed hosts a few times, but whether we spend a little money or a lot none have been as reliable as we've liked -- companies fold, get blacklisted by AOL, and so forth. Is there a way to be smart about this, without hiring a dedicated email server pro? Do reliable email hosts actually exist? Should we run 'email appliance' software (such as ClarkConnect or E-Smith) on our own server? I'd appreciate any tips here - hell hath no fury like people without email, and I am very afraid..."
Simple Answers... (Score:5, Informative)
You can also set up something like OpenWebMail [openwebmail.org] and allow them to access email from the web. Even via HTTPS, if you like.
Further, if you have an INTERNET outage, your people IN OFFICE will still have access to their email accounts. That translates as no immidate "I cant access my email" whines. And if ARIN.net lists your company (or you) as the authority, you can PERSONALLY deal with any major ISP to resolve blacklistings. I've had RoadRunner, AOL and ATTWORLDNET blacklist a series of IPs within which our email server happens to reside -- each of those were resolved within 24 hours.
Important Notes:
Be sure (PRACTICE!) that you know how to back up and restore your system.
Unless they NEED shell access, point all users to
Shut off EVERY service you do not NEED.
Cheap/Easy IDS: Personally, I like portsentry + SSH on non-standard ports. Your system would need to be scanned to find your SSH server... and portsentry would ban IPs trying to scan. It's not 100%, but will keep out the script kiddies.
Re:Simple Answers... (Score:4, Insightful)
Re:Simple Answers... (Score:5, Insightful)
Most of the problems associated with an outage (power or network) can be handled with an MX backup service. It wont save you from a natural disaster that takes out your business, but it'll handle the 24-hour power failures...
Re:Simple Answers... (Score:2)
Re:Simple Answers... (Score:3, Informative)
Most of the problems associated with an outage (power or network) can be handled with an MX backup service. It wont save you from a natural disaster that takes out your business, but it'll handle the 24-hour power failures...
Most companies don't work in the dark and without power. If this one does, they most likely have backup power of some kind as well, so if email is that important even when the power is
Re:Simple Answers... (Score:3, Interesting)
Maybe if you found a backup MX host that did proper filtering. But then why not have them host your email?
Re:Simple Answers... (Score:2, Informative)
Another problem with using backup MXs is the extra traffic generated by bounces for invalid recipients. Some poorly implemented RBL services have been known to blacklist you
Re:Simple Answers... (Score:2)
Re:Simple Answers... (Score:2)
Have 2 MX backups the highest priority backup,
is a normal MX backup.
But the lowest priority backup is a SMTP Tarpit.
Normal email servers will try the highest priority
backup if the primary is down.
Most spamers go for the lowest priority MX and will hit the tarpit.
Re:Simple Answers... (Score:2)
Although I'd bet you'd still get quite a bit of spam on the intermediate-priority MX servers.
Re:Simple Answers... (Score:2)
I currently host my mail in a datacenter (along with our webserver, etc). I was actually looking at moving it in-house. I do have a "server room" here that is locked, has everything
Re:Simple Answers... (Score:3, Insightful)
If you don't want to give shell access, don't give an account at all. Create a dummy account (e.g mail-users), and let Postfix manage virtual users linked to this dummy account.
Postfix can manage virtual users pretty easily, and can store them the way you like (e.g, if you want to manage your addresses with a web interface, postfix-mysql is adapted, if you use LDAP, you can use postfix-ldap, etc..)
That way, you can have users with a mai
Re:Simple Answers... (Score:1)
This is how I'm setup. Postfix with a MySQL backend. Mail is filtered through a virus scanner and SpamAssassin. I just use phpmyadmin to handle the database, but I'm pretty sure there are web packages available... if not, its not that hard to create one.
Works, great, is reliable as hell, and I've yet to see a virus sneak through. Some spam does, but that's mostly because I haven't really setup the bayesian filtering yet.
Re:Simple Answers... (Score:1)
If you're looking for server-side spam filtering, bayesian filters are not the answer. Bayesian filters depend on each user's usage and definition of spam, so it could work if there was some kind of protocol of reporting junk messages between the mail client and the daemon (for each user), but afaik, it doesn't exist yet or there is no
Re:Simple Answers... (Score:1)
Re:Simple Answers... (Score:4, Insightful)
Make sure you know what you are doing. If this is your first e-mail setup, don't throw yourself into the water before testing several possible scenarios.
Service doesn't come up?
Service is up but doesn't answer to SMTP requests?
SMTP is up, but email is being rejected?
Emails are received but never get to the appropiate mailbox?
etc, etc.
Make sure you know how to trace an email using your server logs. Make sure you know how to emulate an SMTP session by hand (telnet to smtp port)
Like Jhon said, practice backup and restore. This can't be stressed enough. Every so often, try a restore from scratch (bare metal restore) to an unused machine. Make sure you keep spares handy.
Make arrangements with somebody to keep a mail fallback server (your ISP might offer this service) just in case your network goes down.
If you don't have the bandwidth, think twice about hosting your own email. Spam attacks, joe jobs, virus outbreaks can clog your pipes.
Simple answers are the best. But if you don't have the know-how or won't hire somebody with the know-how, the simplest answer is to keep outsourcing your email.
Re:Simple Answers... (Score:2)
Re:Simple Answers... (Score:2)
Re:Simple Answers... (Score:2)
Re:Simple Answers... (Score:1)
I've tried talking to the sys admins about it, but they are all zombies now.
Make sure you have a static IP and better yet make sure your ISP will reverse it for you.
Re:Simple Answers... (Score:1)
Re:Simple Answers... (Score:2)
But, yes, you MUST be careful with it... Your point is valid and I just glossed over it (it's slashdot, not a 'how-to'). Someone malicious with some insider knowledge of who your company corresponds with *COULD* cause some trouble. But that problem is small compaired to the protection and ease of set up offered by portsentry.
I would also suggest setting up a cron job to release rout
DreamHost (Score:1, Informative)
Re:DreamHost (Score:2, Informative)
Re:DreamHost (Score:2)
Regardless, I don't see why you would have a problem with DreamHost paying me as thanks for referring a customer to them, unless you're just a jealous, mean-spirited jerk.
Move on. (Score:3, Informative)
Re:Move on. (Score:2)
Re:Move on. (Score:2)
Re:Move on. (Score:2)
It seems sneaky and underhanded to me. How do I know they're not some huge spamhost that's going to get my site blacklisted, if I can assume that the only reason he'd recommend it is to get paid?
Re:Move on. (Score:2)
If you buy immediately after clicking the link anyway, you're a fool.
Re:Spam is spam (Score:2)
Re:DreamHost (Score:3, Informative)
Re:DreamHost (Score:2)
Re:DreamHost (Score:2)
Re:DreamHost (Score:1)
Re:DreamHost (Score:2)
BTW, the free domain registration is in your name, not theirs, and you can transfer it away at any time. I took advantage of mine but transferred it to Netsol where the rest of my domains are. The services are still hosted by Dreamhost.
(yes, that's an affiliate link, but at least I'm working for i
Re:DreamHost (Score:2)
Re:DreamHost (Score:4, Insightful)
They WILL NOT get back to you with a service problem within the same work day, unless every site they are hosting is having problems. There is no way to contact them by phone, unless you email them and request them to call you at a certain time, but that certain time always has to be the next day for them to actually call you.
I have had email go out 4 times in the past year. Each time it was only down for 1-2 hours. However, not only was mail not received, but the mail BOUNCED. Not only was I dealing with people in the company not getting email, I was getting email from users trying to contact people at our company wondering why mail to our company is bouncing. After each of these occurances I asked them what happened and if it was corrected. They actually would tell me they don't know what caused it, and they don't know how they fixed it.
Very frustrating, since It keeps happening. The only good news is, when this problem occurs many sites are affected, so they resolve it within a few hours.
Another issue is that to create a new email or user account you have to use their web interface, and the lag time between when you hit submit on the website and when the user can get mail has been 5-6 hours for the past several months. It still says the delay is only 2 hours on the website, but it is incorrect.
There are many many other small things that annoy me, I was thinking about moving the company site and email off dreamhost, but I got a new position where I do not have any responsibility for this stuff.
It is VERY frustrating. I would 100% recommend Dreamhost for a personal server due to their cheap price and good features. However, for a commercial business it is VERY frustrating having noone to deal with for several hours when things go wrong.
Thanks for the tip about Dreamhost (Score:2)
Thanks for the tip. I've had sociological problems in the past with Dreamhost, and it is interesting to know it is still happening.
QmailToaster (Score:3, Interesting)
Then you can get a company like postini or dyndns.org or something to act as a backup mail server in case yours is down.
I'd recommend joining the QmailToaster mailing list first, to get a feel of the community.
Re:QmailToaster (Score:2)
Qmail is Great if your a sysadmin, and/or programmer, and you do not mind dinking with several different patch sets, and don't mind recompiling, and installing stuff yourself until it is setup just the way you want.
Oh, and what happens if you leave the company, who is going to take care of it if qmail breaks, or needs
Re:QmailToaster (Score:2)
Qmail alone is pretty bad, but QmailToaster is a Qmail distro that makes everything easy. Check it out before you start lumping it with previous experience, at least look at the page.
Qmail is Great if your a sysadmin, and/or programmer, and you do not mind dinking with several different patch sets, and don't mind recompiling,
Re:QmailToaster (Score:2)
I use QmailToaster, and you still have to compile everything, and make sure the dependancies work out when you update anything. This is not a trivial matter for many smallish offices.
Try Inter7.com or various other Qmail service providers.
Do they provide prebuilt binaries?
Re:QmailToaster (Score:2)
Have you used the scripts? Things need to be compiled, sure, but there are scripts to resolve all dependencies on your system, compile the QmailToaster & install it for you in the correct order. How much easier can you get?
Do they provide prebuilt binaries?
No one does, it would go against the Qmail license. They do however
Re:QmailToaster (Score:2)
What? You go to all the trouble of composing such a detailed grammar troll, and you don't point out the glaringly obvious grammatical error in that "obnoxious message", choosing instead to only point out the missing punctuation?
You should try to not give yourself away as a loser
Re:it's (Score:2)
Stupid Americans... they take a perfectly servicable language and go and corrupt it beyond usefulness... Oh, well, your point is taken; "it's been" is acceptable usage for you guys... I stand corrected...
Things that I've seen work.... (Score:3, Interesting)
Don't want the job of handling email? Handyhosting [handyhosting.com] has been relatively trouble free for 3 years now. I've also had good experiences with Linkline [linkline.com] at my former job.
Re:Things that I've seen work.... (Score:1)
Re:Things that I've seen work.... (Score:2, Interesting)
Go the other way around. Go and hire a competant sysadmin and pay him whatever he sees fit for installing Postfix+[POP | IMAP] server+explain to you basic administration, and then pay no more than 1 hour/week of day-to-day administration. If the one you want to hire doesn't like the bussiness you immediatly know he is not the person you want to installing the system: a properly installe
Re:Things that I've seen work.... (Score:1)
Re:Things that I've seen work.... (Score:1)
gmail (Score:3, Insightful)
The price is free, the features are good, and the drawbacks are negligeable if you set everyone up with a good
Re:gmail (Score:2)
I personally would be more trusting in an in-house managed open source server myself on a dedicated machine (with proper security audit controls -- never trust a sys admin
Re:gmail (Score:1)
Bah
Re:gmail (Score:2)
Sad but true (Score:2)
Damien
Re:gmail (Score:2)
Re:gmail (Score:2)
Obviously if shared usernames like sales@mycompany.com are needed, gmail wouldn't be an option. But a small enough business will not need those.
Re:gmail (Score:2)
Using gmail for commercial reasons, such as using it as your work email address, are explicitly prohibited.
Re:gmail (Score:2)
Here's to hoping google offers a "premium" service once gmail goes public. It'd certainly be worth it, which such a great interface.
hosting your own maybe a solution (Score:1)
Keep in mind tho, that instead of blaming XYZ email hosting company, that you will be the focus of blame for any outages.
Otherwise, find a place that will give you a service level agreement for how many ever 9's management is willing to pay for.
What about Microsoft Exchange? (Score:4, Informative)
There are other requirements for any mail solution you'll ignore at your peril:
Re:What about Microsoft Exchange? (Score:3, Informative)
Have you considered Microsoft Exchange and Outlook? It has a very rich feature, can be accessed via a Web form, and Microsoft makes things pretty darn easy to administer.
Please tell that to my sysadmin. We've had two major failures in the last two weeks, both with some data loss and both resulting in messages being silently dropped for a period of time. Add to that a very poorly designed web interface, and being locked into a small subset of mail clients, some of which only implement a limited subset o
Re:What about Microsoft Exchange? (Score:1)
How many of your clients were using say, Kmail or Evolution through IMAP, for instance?
Re:What about Microsoft Exchange? (Score:1, Informative)
Re:What about Microsoft Exchange? (Score:4, Interesting)
otherwise, a linux box running courier-imap, your choice of webmail interface, and exim/postfix/etc is going to be a LOT cheaper
and the free solution does not have the artificial 16gb limit on storage (soon to be 75)
outlook works wonderfully with courier-imap.
just make sure you have a REALLY nice battery backup on all parts of the wan connection and the email server so when the lights go out, the mail keeps flowing...and a backup MX record too
Re:What about Microsoft Exchange? (Score:2)
The 16 Gb limit hurt me hard once upon a time, and it snuck up on me... the Enterprise version doesn't have it, so we upgraded. It does truely suck to have that artificial limit, I agree.
Mail servers retry, so you aren't likely to lose email unless you're down for a day or more. If people are relying on email as a reliable mode of
Google please help (Score:3, Interesting)
Re:Google please help (Score:1)
Qmail? (Score:2)
Qmail...Rocks? (Score:1)
If you know nothing about mail you can learn enough in a few days to get qmail up and running. The mail list and forums are highly active and full of people willing to help you.
A few options (Score:4, Interesting)
As outlined in earlier posts, you have quite a few options when it comes to email service.
You can have it hosted. This is probably the easiest option. It sounds like you've had some bad experiences with this, and may be wary of it. You will have the best luck going with larger, more established hosts that embrace modern technology and have a strong, well documented, and well enforced AUP (that bans all kinds of spamming).
The second option has also been mentioned. Run a small Unix-based email service out of your office. This is probably the cheapest option, and depending on whom you compare it to, day-to-day management and troubleshooting can be quicker than a hosted service.
The third option is going to be an unpopular one with the Slashdot crowd (and in some cases, understandably so). Check out Microsoft Exchange (try the one bundled with Small Business Server). There are other groupware applications out there, and some (like Novell/SUSE's OpenExchange) are worth consideration...but nothing is Exchange. If you're already a Microsoft shop, you should definitely consider it as it integrates well with the MSFT software that you already have. Of course, it's budget dependant (and is an expensive platform to use). In your case with a small shop and limited experience, I would have a third party come in and set it up for you, and sign up for a service contract.
For an end user (especially management types), Exchange has every feature under the sun. It would help if you identified your goals (specifically budget and featureset desired) and then decide on what product is best for you. However, I would advise you to leave no option off the table, even if you have personal issues with the software. Also, all of these options are available as hosted solutions. However, it's important to weigh out both the benefits and drawbacks to hosting. Benefits are relatively obvious, and some drawbacks are that you lose control over your service, and certain quick tasks (like a password change) can take hours or even a full day for them to get around to.
Re:A few options (Score:2)
Re:A few options (Score:2)
Agreed...and I've been on both sides of this. I've worked on a development team for a large (tier 1) ISP who was developing early ecommerce hosting platforms. We were developing Unix and Windows platforms side-by-side for our web hosting operations center. I believe that it used IIS 3 and some version of MS Commerce Server with Wi
"out of the box..." (Score:1)
Most of your out of the box solutions will do well for you. If you're under budget constraints, or just want the reliability of an "appliance" (after it's all configured and running) any of the downloadable *nixes will do you well. Debian [debian.org] (my pref), Fedora [redhat.com], or *BSD, for example, include postfix for the SMTP portion, a selection of IMAP and POP3 services to choose from, various web-mail interfaces, etc... right out of the box (or I guess ISO).
If it were me (and it has been), I'd go
Re:"out of the box..." (Score:2)
My preferred combo is FreeBSD + Postfix with TLS/SMTP (for "outside" clients) + Dovecot secure imap + OpenSSL + Openwebmail. If you absofuckinglutely must, you can drop this setup in a DMZ or third interface of a PCEng [pcengines.ch]
Re:"out of the box..." (Score:1)
For a business, yeah the RAID-5 is required when you don't want to loose ANYTHING. For my home system I do nightly mirroring, and that's good enough. If I loose a disk, I loose less than a
E Smith (Score:1)
It's a shame, as it is a nice system for small companies. What's ClarkConnect like then?
Commercial Products (Score:1)
Courier MTA (Score:2, Informative)
The standard Courier bundle has everything you need for a mail server (web administration, webmail, imap4, pop3, TLS/SSL, filtering, mail lists, fax support, etc...). If desired, all you need to add is SpamAssassin and a virus scanner. I have been running this combo for years with great results.
-Nathan
Re:Courier MTA (Score:2)
Balancing the Cost/Benefit (Score:3, Interesting)
DIY
Hosted
I ran my own mail server for my various domains, and have set up mail servers for companies. currently I'm using Fusemail [fusemail.com] for my personal and consulting email, and I'm starting to think that I would recommend it for most small companies.
The reason behind this is, I don't have the time to do the administration myself. I have other work priorities, and messing around with a server all the time is not one of them. The other benefits are, network synchronization of calendar, IMAP, server side sorting, and eventually Outlook pluggability (good for PDA users).
You can do this stuff yourself, but it takes time and is not always reliable. The down side of picking an external provider is, when your internet goes down, email is down, even internally. That can hurt a company and your credibility.
With that said, I would look potentially at email service providers (not web hosting providers) for an external solution, and probably exchange for an internal solution with groupware, and other unix solutions for internal email without groupware.
What you need to decide is how much responsibility you want for being the point person on email. If you're already afraid of the result, better to hire a domain expert, and one that's been in business. Get a good SLA (service level agreement), and assure that your internet connection is either redundant or up most of the time.
Re:Balancing the Cost/Benefit (Score:3, Informative)
As opposed to the ever-so-tedious process of installing, say, SquirrelMail? I mean, it's not like it comes with major operating systems like Fedora or anything...
Re:Balancing the Cost/Benefit (Score:2)
In addition, while squirrelmail may address the mail issue, it may not address the groupware functionality his users may require (calendaring, ldap address editing, tasks, group appointments). I've had offices as small as 5 people insist on having Exchange based on their "need" for groupware.
Re:Balancing the Cost/Benefit (Score:2)
Golly, if they need groupware that badly, build moregroupware. It works for us, and we even use it as project management software.
linode (Score:2)
I use my domain registrar's DNS servers, use a SMTP server on the vps to catch mail for my domain, and forward it from there to two places -- a pop account provided by my cable company, and a gmail account.
Gmail is nice because you can configure the "reply-to" address, so outgoing mail acts as if you're s
Re:linode (Score:2)
No mention of Mac OS X Server yet? (Score:3, Interesting)
I haven't used Apple's server products since the days of Mac OS 9. I'm just a fan of their products.
Re:No mention of Mac OS X Server yet? (Score:2)
Well, okay, I jest about Macintosh SE. It's as bad a dinosaur as the PDP-11. But iMacs still aren't old enough to be "old" yet.
--Ender
Short answer: No. (Score:4, Insightful)
So you're unhappy with 99.5% uptime.
(assuming that those two outages per year are for a full 24 hours...)
So you're not going to be happy with a solution that involves having someone else do it...
There is no such thing as 100% uptime.
While better than 99.9% uptime hosting does exist,
you're not likely to find one without doing a lot of work, and even then there will still be outages.
There isn't an ISP in existance that will both let a random company do email, and not be on some blacklist somewhere.
Best advice I can offer is to tell your boss that despite the problems you've had with [best service provider to date], there aren't any better solutions available, and you recommend living with the problems, rather than dealing with a whole new set of problems.
Anything else would set you up as the fall guy when email breaks in the future.
-- Should you believe authority without question?
Re:Short answer: No. (Score:2)
+++
http://www.drudgereport.com for the truth.
Advice (Score:4, Informative)
Your choices will depend on budget and administrative flexibility.
1> Outsourced hosting: This is probably the easiest and cheapest method available. However, it is also likely that if your hoster is primarily a webhost, you will be hurt by someone else putting up bad scripts or software on the same box.
Going with companies dedicated to hosting email is probably a better choice.
2> Running your own server colocated in a datacentre: This gives you full control on the box, and attendant responsibility. If you choose your hosting company properly, you will find that you can email almost anywhere. (There _are_ people who will block even large hosts with very little justification).
3> Do it inhouse: You need minimal business class connectivity (permission to run servers, static IP and proper reverse DNS). Hire someone to setup the box for you, or use an appliance. Using a non appliance box gives you more flexibility, but some more responsibility as well.
What you need to do is decide on
a) What OS/distribution to use.
b) Which MTA to use
c) Which IMAP server to use.
I would go with a well supported Linux distribution (RedHat/SuSE for the commercial, Debian for free) or a FreeBSD 4.x box. My personal MTA of choice is Postfix, with Courier-IMAP doing POP3 and IMAP with webmail served by Squirrelmail.
If you _need_ a web based UI for management, use Webmin.
For spam filtering, SpamAssassin and Clamav for the antivirus. Wrap both these with amavisd-new.
The documentation for all these products is excellent, and plugging stuff in is trivial.
Your (Free) alternatives for MTA are: Exim, Qmail, Sendmail.
For the IMAP server: Cyrus, Dovecot and UW-IMAP.
Some people here recommend a backup MX. I would suggest avoiding the backup MX, since mail is queued for 5 days normally. If you have downtime > 5 days, you have bigger problems.
The cost of doing this inhouse would be in terms of the time you spend in updating packages and reading the documentation.
Re:Advice (Score:2)
I wouldn't use webmin just for web based e-mail management tho, for a small to medium site I've found postfixadmin [high5.net] a very nice solution. It uses the database extendability in both courier and postfix to make managing users and domains a snap. (And as maildrop uses couriers authlib as well it will find the mailboxes perfectly).
The maildrop and the amavisd-new con
Magma Communications (Score:2)
If there has ever been an e-mail outage I certainly haven't noticed it in several years. And I rely a lot on e-mail.
Great anti-spam filtering too.
Corporative E-Mail, the easy way (Score:1)
You said you are a small company, but you haven't said what do you mean with "small".
Let's say 500 mail accounts. OK; let's say 1000 accounts.
Your easiest and safest bet is looking for a savvy Linux sysadmin/free lancer to implement it for you. Provided everything is in place (hardware, connection and your VISA card if you don't own an Internet Domain) it won't take more than two days (I'd say 5-10 hours of -relaxed, work). He will do t
Perhaps do away with e-mail altogether? (Score:2)
Just a small-timer's observation, but I have pursued running a mail server for a small web site I run, and I found the process to be defeating in every way. SMTP, POP, and DNS constitute a remarkably arcane way of sending text-based mess
Use a dedicated email provider (Score:2)
Many of the customers we pick up previously used either free email services or an email component of an overall hosting company. The problem being that since email wasn't the primary business of their provider, it wasn't treated with the priority that email users need.
A good place to compare services and read reviews is EmailAddresses.com [emailaddresses.com]. There are forums specifically for a few of the bigger dedicated providers there, as well as more general discussion areas, and the ow
Find a Local Consultant (Score:2)
Work with him to refine the configuration for your enterprise and you'll have a hot, fast, nearly ideal e-mail system.
It may need a few hours of love every few months for updates but not much beyond that
Oh, and for the love of God, don't skimp on the UPS for the server and let it s
Two pronged approach (Score:1)
Go back to first principles (Score:1)
Firstly let's return to the requirements. You say your boss wants something "better" and you illustrate the point by mentioning an "outage". Okay we've got a little bit to go on there. Furthermore you talk about experience with "hosts". Think I might be able to guess where you're coming from here. Think we might be able to discount Linux.
Anyway, I digress: what exactly was getting to your boss?