Feature:
Examining the Enterprise Mail Server landscape

Seamus Phan , 1-Sep-2002

E-mail has become as habitual as picking up a phone to make a call to someone. To put things in perspective, more than 70% of the Internet traffic is still e-mail.

According to Forrester Research, an estimated 250 billion e-mail messages will be sent in 2002, an increase of 100% from 1998.

Although e-mail seems easy to manage and use, there have been escalated incidents where e-mail plays a critical part in disabling and slowing down corporate Internet connectivity, through the spreading of malicious content such as macros, worms, Trojans and spam. Therefore, it is obvious that e-mail technology has not evolved to the stage where usage can become transparent and streamlined, without much hassle and frustration to users and administrators alike.

The old school

If you come from the Unix environment, you may already be familiar with the venerable Sendmail (www.sendmail.org), probably one of the oldest and still widely used Mail Transfer Agents (MTA) around today. Because Sendmail is free, the Unix community has almost universally adopted it and it is often the default MTA in many Unix variants and installations. This makes it the de facto standard for MTAs available today.

Because Sendmail is open source, there is a large support community seeking to improve it further continually. Sendmail, in the incarnation of 8.12.5 as of Aug 2002, has fixed most known bugs as well as known vulnerabilities.

At the same time, however, many existing Linux and Unix installations still contain older forms of Sendmail, including 8.9 and other variants. Some of the older variants have notorious bugs and vulnerabilities that can bring the servers to their knees, and yet installing current versions of Sendmail requires expert Unix knowledge that most users simply have no access to, nor want to grapple with.

Sendmail is difficult to learn, but there is sufficient and easily available documentation to decrypt this beast. The feature set is bewildering but extensive, including the availability of multiple virtual domain hosting, as well as limited access control and handshaking.

To confuse the situation further, there is an offshoot of the open source Sendmail application, known as Sendmail Mailstream Manager. Sendmail Mailstream Manager is a derivative product of open source Sendmail version 8.11, and has been improved upon by the commercial company Sendmail Inc. (sendmail.com). Sendmail Mailstream Manager includes email-over-SSL (secure sockets layer), and provides server-to-server security, especially for nomadic and remote access users. Sendmail Mailstream Manager also provides gateway virus and malware scanning for both inbound and outbound traffic, bringing a much needed level of functionality to the venerable Sendmail.

Fixing Sendmail

In 1998, Wietse Venema, during his stint at IBM, developed an alternative to Sendmail that was then known as Vmailer. Because of some potential trademark infringement issues, Vmailer became known as Postfix (www.postfix.org). According to Venema, Postfix can be up to three times faster than the likes of Sendmail, because it has been written from the ground up to be efficient and processor-friendly. As Sendmail was widely adopted, Venema wrote Postfix to be compatible with Sendmail so that administrators can easily port user accounts and directories over to Postfix. Also, Postfix has a far easier way of implementing multiple virtual domains than Sendmail, relying on a single lookup table, rather than multiple levels of aliasing and redirection.

Another equally skilled competitor to Sendmail is Dan BernsteinŐs qmail (www.qmail.org). According to qmailŐs site, many known organisations, such as Yahoo!, Verio, MessageLabs, Critical Path, PayPal, and Pair Networks, use qmail. Its proprietary mailbox format, known as Maildirs, cannot be easily corrupted like traditional Unix-styled mailboxes (mbox format), should the system crashes during delivery. Bernstein is also very confident about the low system overheads of qmail, claiming that a 16MB 486 PC can easily run qmail.

If you like all things small, exim (www.exim.org), developed by the University of Cambridge, is similar in footprint to the likes of Postfix and qmail. It is rather lightweight as well, but boasts of mail filtering mechanisms such as relay blocking and guarding against mail bombs and unsolicited e-mail.

Dmail (netwinsite.com) is a far more powerful, albeit commercial MTA. Dmail provides extensive mail and content filtering, including message filtering based on rules, as well as a complex method of using regular expressions (regex) with a highly evolved scoring system to rate e-mail (for spam filtering purposes). Dmail also works with most antivirus solutions to extract banned MIME content, and supports ESMTP (extended simple mail transfer protocol). This allows for more customisation by skilled Unix users to create powerful rules and plug-ins through the use of Perl, C, or even Python code.

Far from the crowd

Mail servers come in far more varieties than Web browsers, and there are more than a dozen different kinds of mail servers for almost any platform. There are even hacks available for older and current portable digital assistants (PDAs) to behave as full-fledged mail servers.

If you have a Mac OS (such as OS 9) in your corporate environment, there are already two worthy candidates, such as Appleshare IP (www.apple.com) as well as QuickMail Office (www.cesoft.com). Both these mail servers are proprietary, but will play well within the Internet definitions and protocols. The flip side of a mail server such as QuickMail Office is its proprietary interface, which may prevent a legitimate administrator from using protocols such as Telnet or remote secure Web access to administer the mail server.

It is also rather difficult to reboot the mail server from afar, unless you add custom hardware add-ons. The workaround is to have a secondary Mail Exchange (MX) remotely hosted, which will allow mail to always deliver to either the local OS 9 mail server (primary MX) or to the remote secondary MX should the primary MX fails. My personal experience with QuickMail Office is that it is rather robust, and very resistant to intrusions and external hacks of almost any kind. The only practical way to bring down a QuickMail Office mail server running on OS 9Ńassuming you have disabled Web sharing on the machineŃis to bring down the Internet gateway or connection.

Courier (www.courier-mta.org), besides offering the usual protocols supported by most mail servers, also offers ESMTP, SSL, HTTP, LDAP, and even Webmail and mailing list support. It also comes with its own plug-in mail filtering engine that can offer powerful mail filtering capabilities for other MTAs. The mail filtering engine is written in compiled C++ code, making it an efficient and processor-friendly application that can handle large amounts of mail without breaking.

This engine can work with standard mbox mailboxes, as well as qmailŐs maildir format.

While the rest of the mail server solutions seem to target Unix or Unix-like OSes, a lesser known mail server called Merak, from IceWarp Software (www.icewarp.com), is a Microsoft Windows-specific mail server. Besides the unique protocol and virtual domain support, Merak also offers antivirus protection by interfacing with most known antivirus programs, as well as providing some open relay and spam prevention.

For most Windows users the known mail servers seem to be the likes of Microsoft Exchange, but there are plenty of options available. Alternative platforms offer more effective spam and malware protection, due to the inability of Windows-specific malware to intrude upon or wreck havoc on these lesser used platforms. After all, mail exchange is a mission-critical activity, and the lesser the problems, the better. There is nothing like losing an e-mail that might have meant a million-dollar contract.