What are the pros and cons of running ones own mail server? If a small
(fifteen person) company without any computer experts wanted to do so
would you encourage or discourage them?

news:kv26p192jf91k9hga8e8k1irjofe157nmd@4ax.com...

I would say that you would save a lot of hassle by out-sourcing it.  It's
dead cheap and will save you a lot of hassle.  Installing and maintaining
the software and setting up spam rules etc can take a bunch of staff time.
Especially now in the world of Sarbanes-Oxley there are a lot of hassles -
make sure any contract you enter into puts the obligation for compliance
onto your service provider.

--
Andrew Butchart
and...@floatingbear.ca

Oustsourcing may be "dead cheap" but only if you do not care about
sercurity of *internal* emails.

IMHO the best way would be to use internal mail server (smtp & pop/imap)
with outsourced:
a) filtering of incoming email (anti-spam & anti-virus protection)
b) handling of outgoing email (smart host or fallback smart host)

--
Andrzej Adam Filip : a...@priv.onet.pl : a...@xl.wp.pl
http://anfi.homeunix.net/  Netcraft Site Rank: 494495
All that is necessary for the triumph of evil is that good men do nothing
     -- Edmund Burke (1729-1797)

Hire a 16th employee, who will become your IT administrator.

Although there are many outfits that will happily accept your outsourced
E-mail service, the actual quality of service will vary, it's mostly going
to be a crap shoot.  You may end up outsourcing your E-mail to someone who
knows what he's doing, or you may not.

After the 16th employee is hired, have one of the existing 15 employees
supplement his spare time by learning the ropes, at a leisurely pace, so he
can be a backup for the IT guy.

application_pgp-signature_part 1K Download

Our product - the embedded e-mail server - is actually made for
scenarios like yours.

www.nct-technology.com

In the US you can get it here.

http://www.ees-usa.com

In the US it's $570  which is a bargain considering it's not only the
software (which does not have any hard limits) but also the hardware.

Basically you take it out of the box, hook it up to the network,
configure your domain(s) and users thereof and there you go.

The device updates it's firmware autonomus if a new release becomes
available, also updates the spam filter patterns autonomus over the
internet (up to once per hour!) hence you have nothing to do with all
these kind of things. It's fool proof enough that it's not possible to
misconfigure it so as it could be abused as an open relay or such.

The device also reliably filters malware or e-mails with other
malicious content.

Since it's an embedded device, it consumes only ~3W of electric energy
(hence you save half of it's price in a year just with the electric
power savings compared to a PC solution).

Ther is no operating system in it. Just firmware which is designed so
as no buffer over run exploits are possible. Even if we would asume
that it could be hijacked (again, that's not possible) you would not
be in trouble since the firmware simply lacks any functionality to
access the remaining parts of your lan.

Again, the device is designed for ease of use. It's made to serve up
to 200 users or ~10'000 e-mails per day which ever comes first.

I forgot to mention that there are no running costs for the spamfilter
nor for the firmware.

HTH

Markus

There's the key. Don't do it.  Mail servers are very much a non-trivial
endeavour.

-Frank

Mail servers with oustsourced AV and AS protection and queuning of
outgoing email can be trivial. All things beyond AV, AS and
investigating/solving delivery problems are pretty simple (IMHO).

--
Andrzej Adam Filip : a...@priv.onet.pl : a...@xl.wp.pl
http://anfi.homeunix.net/  Netcraft Site Rank: 495878
All that is necessary for the triumph of evil is that good men do nothing
     -- Edmund Burke (1729-1797)

Andrzej Adam Filip <a...@priv.onet.pl> wrote:

Given that installation and managing users is common to both
outsourced and in-house servers what tasks have I missed that are
"pretty simple"?

It is a matter of scale. A few thousands+ heavy email users can produce
constant stream of "(small) problems to fix". Less than 20 users under
one boss are much easier to manage and it is easier to use "non
technical" solutions [ sticks & carrots :-) ]

If users have AV software installed on their workstations (assumed MS
usage) then you should expect hardly any problems except "mailbox
overload" after first 2 "burn-in" weeks [for *small* firm installation
with outsource AS, AV and outgoing queuning] *IMHO*.

AS and AV protection faces "intelligent enemy" - you should not blindly
assume that good solution today is going to be solution next quarter.

--
Andrzej Adam Filip : a...@priv.onet.pl : a...@xl.wp.pl
http://anfi.homeunix.net/  Netcraft Site Rank: 497434
All that is necessary for the triumph of evil is that good men do nothing
     -- Edmund Burke (1729-1797)

That's one of the strenths of our aproach. The mailserver updates it's
firmware whenever we adjust the filtering software etc. The
theoretical frequency here is currently up to once per day. The spam
pattern updates are made up to once per hour. Of course, firmware
updates are only based on the need. Average is probably one firmware
update every 6 weeks.

The intention of our aproach is to have a product that can be run in a
"fire and forget" fashion by the users, limitting their work to adding
and maintaining the list of users and domains both of which are really
easy jobs for small sites. We on the other hand manage the complicated
tasks and challenge of adjusting the filter software and patterns
completely in the background.

Markus

It is not, really. If you use your ISPs mail service (or outsource), your
ISP manages your email users and the mail server.

None. Running a mail server is not ever pretty simple. Period.

If you fully understand the following, and can answer these questions, give
it a go.  If you don't, don't, until you can. That's my opinion.

- What is an SPF record and do I need one?; Do I know how to make one?

- What is relaying and how do I authorize and/or prevent it?

- What are the differences between POP3, IMAP, SMTP and which do I want to
use?

- Do I need web access as well as Outlook or other local mail reader?

- What ports to POP3, IMAP, SMTP use by default?

- Should I use the standard ports? Why or why not?

- How much will my mail server software cost for the number of users I have?

- How much is my mail server's annual subscription for updates?

- Will my backup software work with my mail server? (does it have an
agent? - What is an agent anyway?)

- Do you have a public static IP to use?; Do you know why you need one?

- Do you know what a reverse DNS record is and why you do or do not need
one?

- Can you create a reverse DNS record?

- What is an MX record?; Do you know if you need one and why or why not?

- Do I have direct control of my local DNS as well as my external DNS?; Do I
know what DNS is and how to configure it? Do I even have a local DNS?

- Do I have an adequate backup plan that will avoid "lost" mailboxes"?

- Do I have the storage space to deal with users that use their mailboxes as
if they were for file storage?

Anyhow, if you understand and can answer these questions, and, have the
capability to implement the required services, you're good to go. If not,
I'd outsource the email.

-Frank

On Tue, 6 Dec 2005 10:27:38 -0700, "Frankster" <Fr...@SPAM2TRASH.com>
wrote:

Obviousely you are right with this statement.

I would not say "pretty simple", but it's not rocket sience. Once can
easily inform himself on the topic, and a good ISP will always help a
customer with those areas where the knowhow usually is only marginal
(MX RDNS fixed vs. changing IP etc.)

The vast majority of servers/sites do NOT support SPF these days. Many
experts differ vastly with their opinions about SPF and supporting it.

I.e. our server does not allow relying from lans other than the server
is ran in unless the client authenticates itself using SMTP
authentication. Since we provide step by step configuration guidelines
for the most popular mail clients and point out what it does/is for
this is no real problem. I.e. with the MS clients (which are still
those most frequently used it boils down to clicking a singel
checkbox)

SMTP is obivousely needed with a mailserver. IMAP is a different
story. We only support POP3 for the simplicity of it.

WebMail is part of the box and meant to be a workaourd for users being
on the road. Since we support SMTP authentication it's very easy to
configure say a laptop so as it can be transperently used no matter
wether the user is within the corporate lan or external to it.