Mail serving
E-mail is a vital service to a broadening range of businesses, and if it goes down, admins can be guaranteed their phones won't stop ringing until it's back. Which operating system best suits mail server requirements, both now and into the future?
Dean Thompson: E-mail has become an essential part of an organisation's internal and external communications.
Before organisations decide to deploy or review their mail services they need to consider several issues.
What infrastructure is in place, and is it being upgraded? What operating system is used on the desktop? In most cases this will be some flavour of Windows operating system--98 or 2000, for example--although some sites do have Unix workstations.
What e-mail functionality is required? A simple service that passes messages from sender to recipient, or extras such as company-wide mailing lists or address books, off-site access to mail, junk mail detection and elimination, mail filtering for individuals and the detection of viruses embedded within e-mail messages?
The answers to these questions dictate what sort of e-mail solution you should provide. For example, a small-to-medium-sized business that has deployed Windows (98, NT, or 2000) throughout the organisation and which uses a domain controller (either a Primary Domain Controller via NT4 or an Active Directory provided by Win2000) might find it more economical to invest in Microsoft's Exchange mail server.
Exchange is relatively easy to set up and fits nicely into organisations that are already making extensive use of Microsoft products. For example, Microsoft Outlook can interface with Exchange server in a corporate mode and provide users with public newsgroups, shared distribution lists, and calendar/scheduler services.
Windows 2000 and Exchange server work together for tighter integration of existing security policies, allowing people to use the same username and password combination to log into their workstation, access server resources, and read their mail.
Exchange and Outlook together allow users to define rules to process incoming mail, including the identification and disposal of junk mail. The Windows 2000/Exchange server combination allows the use of third-party mail clients like Netscape, but non-Microsoft clients have no access to common mailing lists or scheduling capabilities.
It is important to note that Exchange runs only on Windows servers, so an organisation has to already have the existing Microsoft infrastructure in place.
Furthermore, it is shipped from Microsoft as a black box with limited room for customisation, though Exchange server is quite flexible and can be configured to support a number of activities such as receive mail for a number of hostnames, or act as a front end to a series of mail servers.
Security is another consideration. Although Microsoft stores incoming messages in a database format that is not easily read, a number of security loopholes have been discovered with the Web interface that comes with the product.
These loopholes potentially allow miscreants to send a request that causes the mail server to execute code and functions against the users mailbox.
Security loopholes are nothing new and although Microsoft has been fast to provide patches, it is well documented within the industry that some of those these patches initially caused wide scale problems including the shutdown of corporate mail servers. These problems have since been rectified, but an extended e-mail outage is unacceptable in a corporate environment.
Overall, if you were a small-to-medium-sized business with Windows-based infrastructure, Microsoft Exchange and Windows 2000 would probably suit you.
Medium-to-large-sized companies may be attracted to Unix. Within the Unix world there are a number of mail server programs including sendmail--which is the most common-plus postfix and qmail. They for a powerful combination with other programs and protocols such as IMAP and POP which provide additional services so users can read mail from their desktop computers.
Larger companies are normally attracted to Unix operating systems--specifically Solaris (2.5+), Linux and FreeBSD--because of their reliability and because the software running on these systems tends to be open source allowing companies to either modify them to suit their own needs or to allow other programs to interface with them.
Examples of the flexibility that the Unix systems provide over other mail solutions is the ability to be able to add support from third parties for the scanning of incoming mail attachments for viruses, filtering incoming mail, and identifying any junk mail and disposing of it. While similar products also exist for Windows, linking them together can be challenging at times and their source code is not commonly available for modification.
A benefit of using Unix as a platform for processing incoming mail is messages can be scanned for viruses in an inert environment. Most viruses sent by e-mail are written for Windows and do not affect Unix, so they can be cleaned before they reach the environment they were designed to exploit.
Operating systems such as Linux have the source code of the entire operating system available to the public, allowing the serious developer to go into the internal workings and tweak system parameters to improve performance, something which is not possible with Windows.
More on mail serving
Overall, if you were a small-to-medium-sized business with Windows-based infrastructure, Microsoft Exchange and Windows 2000 would probably suit you.
Medium-to-large-sized companies may be attracted to Unix. Within the Unix world there are a number of mail server programs including sendmail--which is the most common--plus postfix and qmail.
They form a powerful combination with other programs and protocols, such as IMAP and POP, which provide additional services so users can read mail from their desktop computers.
Larger companies are normally attracted to Unix operating systems--specifically Solaris (2.5+), Linux and FreeBSD--because of their reliability and because the software running on these systems tends to be open source allowing companies to either modify them to suit their own needs or to allow other programs to interface with them.
Examples of the flexibility that the Unix systems provide over other mail solutions is the ability to be able to add support from third parties for the scanning of incoming mail attachments for viruses, filtering incoming mail, and identifying any junk mail and disposing of it.
While similar products also exist for Windows, linking them together can be challenging at times and their source code is not commonly available for modification.
A benefit of using Unix as a platform for processing incoming mail is messages can be scanned for viruses in an inert environment. Most viruses sent by e-mail are written for Windows and do not affect Unix, so they can be cleaned before they reach the environment they were designed to exploit.
Operating systems such as Linux have the source code of the entire operating system available to the public, allowing the serious developer to go into the internal workings and tweak system parameters to improve performance, something which is not possible with Windows.
Geoff Halprin: I'd like to start by pointing out that the difference between Unix (including Linux) and Windows is one of white box versus black box.
These are terms used in computing to describe whether one can see the inner workings of a system and hence tailor their testing and other practices in light of this knowledge.
The problem with developers is that they build systems based upon a false assumption about the environment that it will be deployed in--specifically that it is identical to the development environment. This thinking is false, and costly.
Each production system is unique. Four customers with the same hardware and software will create four unique environments, tailored to their individual needs--their users' skill levels, system administrators' experiences, business needs, legislative compliance requirements, and the ongoing stream of changes each day.
This is the essence of system administration: taking a set of discrete applications, hardware and user requirements, and building a production computing environment that meets the needs of the business.
Whilst each discrete component may not be special, the combination is always unique. This is complexity in its purest form. So, the problem is that no production system matches the vendor's assumptions for more than a few minutes. It basically undergoes an endless stream of continual changes, based upon it being put to use.
Unix systems are white box environments; system administrators know or can determine the exact behaviour of a system, and tune their practices to meet the needs of that application.
This generally makes complex activities practical; such as tuning, partitioning of services, sharing a host between applications-there is known effort involved and known consequences of that effort.
NT, by contrast, is a black box system. This means that the most reliable way to provide a variety of production services is to isolate each onto its own server.
Certain combinations have been integration tested, and so these can be provided reliably from a single host. However, when a patch is required, this integration testing must be repeated.
This clash of cultures plays significantly in the areas of tuning, scalability and security. Whilst the GUI nature of NT provides simple interfaces to many more common administrative tasks, the lack of any other form of control, and the lack of adequate tools to profile a system and investigate problems, coupled with the inability to control a Windows platform subsystem by subsystem, leads to a "reboot and re-install" mentality amongst many of those administering Windows platforms. This does not play with a "five nines" environment, which allows around five minutes of downtime a year.
It is far easier to train a person in the basics of day-to-day Windows administration, than the equivalent activity for Unix platforms (including Linux). But this is deceptive. Much of system administration is about dealing with exceptions, and being able to troubleshoot problems under pressure.
It is also about larger issues, such as business continuity planning, data management, problem management, change management and network management, to name a few. That it is easy to obtain an MCSE only hides the real complexity of the role, and directly contributes to an environment where companies attempt to use the technology they have inappropriately.
Turning to the question of mail servers, here are many different types of mail environment and so you can't say "one size fits all" or that there is one best product.
This issue is made more complex by the positioning of some products as groupware products that combine several functions with mail serving, such as Microsoft Exchange.
In smaller environments and in homogenous PC-based businesses, I agree that the combination of Outlook and Exchange becomes a compelling story.
Exchange provides a rich personal and workgroup productivity environment, integrating mail, calendaring, task lists, and contact lists into a single database. While there are a number of promising efforts underway in the Open Source community, none of them presently provide the richness or ubiquity of Outlook/Exchange.
Alas, with features comes risk. Microsoft ships a product that has many unnecessary features turned on by default, and many that cannot be easily disabled. These present large opportunities for attack from the Internet. Outlook continues to be the single largest security risk to any Internet-connected site.
Serious bugs that are exploited by new worms appear weekly. Businesses are being naive by not counting the cost of lost productivity in their purchase decisions and management practices.
Where the features are compelling, but delivered at a significant risk, businesses must invest in more rigid practices to ensure their products are always fully patched, and appropriate virus software is in place and virus libraries maintained. Alas, this is the exception, not the rule.
Dean Thompson: Unix tends to scale better than Windows, partly because a Unix server does not require a resource-hungry GUI. If a Unix machine is upgraded, the performance benefits of the upgrade are more likely to be felt by the end users, whereas the Windows GUI tends to absorb some of the improvement.
But this is a double-edged sword because it usually means that the company has to find an employee who is comfortable in working in a text environment rather than the now more familiar Windows GUI.
Geoff Halprin: Other reasons for Unix's better scalability are the open nature of Unix products, and the ability to investigate and allocate appropriate resources to applications. I am not aware of any mail servers of a significant size (such as an ISP) that do not run on a Unix platform.
I find the comments about Unix versions other than Solaris becoming considered "legacy" systems rather funny. I believe it was Solaris that recently announced they would no longer be developing a version for Intel...
Furthermore; the only reason there is an "OS War" is because Microsoft is more interested in making money and increasing their market share than meeting the needs of their customers. Linux is not the one with the "secret" protocols and undocumented "standards."