than 70 percent of Internet traffic is e-mail which
provides an easily available window to spread malicious
content and breach security. A study of the available
mail servers can help decide the right fit for your
enterprise. by Seamus Phan
has become as habitual as picking up a phone to make
a call to someone. To put things in perspective, more
than 70 percent of the Internet traffic is still e-mail.
According to Forrester Research, an estimated 250 billion
e-mail messages will be sent in 2002, an increase of
100 percent from 1998.
Although e-mail seems easy to manage and use, there
have been escalated incidents where e-mail plays a critical
part in disabling and slowing down corporate Internet
connectivity, through the spreading of malicious content
such as macros, worms, Trojans, and spam. Therefore,
it is obvious that e-mail technology has not evolved
to the stage where usage can become transparent and
streamlined, without much hassle and frustration to
users and administrators alike.
The old school
If you come from the Unix environment, you may already
be familiar with the venerable Sendmail (www.sendmail.org),
probably one of the oldest and still widely used Mail
Transfer Agents (MTA) around today. Since Sendmail is
free, the Unix community has almost universally adopted
it and it is often the default MTA in many Unix variants
and installations. This makes it the de facto standard
for MTAs available today.
And since Sendmail is open source, there is a large
support community seeking to improve it further. Sendmail,
in the incarnation of 8.12.5 as of Aug 2002, has fixed
most known bugs as well as known vulnerabilities.
At the same time, however, many existing Linux and Unix
installations still contain older forms of Sendmail,
including 8.9 and other variants. Some of the older
variants have notorious bugs and vulnerabilities that
can bring a server to its knees, and yet installing
current versions of Sendmail requires expert Unix knowledge
that most users simply have no access to, nor want to
Sendmail is difficult to learn, but there is sufficient
and easily available documentation to decrypt this beast.
The feature set is bewildering but extensive, including
the availability of multiple virtual domain hosting,
as well as limited access control and handshaking.
To confuse the situation further, there is an offshoot
of the open source Sendmail application, known as Sendmail
Mailstream Manager. Sendmail Mailstream Manager is a
derivative product of open source Sendmail version 8.11,
and has been improvised by the commercial company Sendmail
Inc. (sendmail.com). Sendmail Mailstream Manager includes
email-over-SSL (Secure Sockets Layer), and provides
server-to-server security, especially for nomadic and
remote access users. Sendmail Mailstream Manager also
provides gateway virus and malware scanning for both
inbound and outbound traffic, bringing a much-needed
level of functionality to Sendmail.
In 1998, Wietse Venema, during his stint at IBM, developed
an alternative to Sendmail that was then known as Vmailer.
Due to a few potential trademark infringement issues,
Vmailer became known as Postfix (www.postfix.org). According
to Venema, Postfix can be up to three times faster than
the likes of Sendmail, because it has been written from
the ground up to be efficient and processor-friendly.
As Sendmail was widely adopted, Venema wrote Postfix
to be compatible with Sendmail so that administrators
can easily port user accounts and directories over to
Postfix. Also, Postfix has a far easier way of implementing
multiple virtual domains than Sendmail, relying on a
single lookup table, rather than multiple levels of
aliasing and redirection.
Another equally skilled competitor to Sendmail is Dan
Bernstein's qmail (www.qmail.org). According to qmail's
site, many known organizations, such as Yahoo!, Verio,
MessageLabs, Critical Path, PayPal, and Pair Networks,
use qmail. Its proprietary mailbox format, known as
Maildirs, cannot be easily corrupted like traditional
Unix-styled mailboxes (mbox format), should the system
crash during delivery. Bernstein is also very confident
about the low system overheads of qmail, claiming that
a 16MB 486 PC can easily run qmail.
If you like all things small, exim (www.exim.org), developed
by the University of Cambridge, is similar in footprint
to the likes of Postfix and qmail. It is rather lightweight
as well, but boasts of mail filtering mechanisms such
as relay blocking and guarding against mail bombs and
Dmail (netwinsite.com) is a far more powerful, albeit
commercial MTA. Dmail provides extensive mail and content
filtering, including message filtering based on rules,
as well as a complex method of using regular expressions
(regex) with a highly evolved scoring system to rate
e-mail (for spam filtering purposes). Dmail also works
with most antivirus solutions to extract banned MIME
content, and supports Extended Simple Mail Transfer
Protocol (ESMTP). This allows more customization by
skilled Unix users to create powerful rules and plug-ins
through the use of Perl, C, or even Python code.
Far from the crowd
Mail servers come in far more varieties than Web browsers,
and there are more than a dozen types of mail servers
for almost any platform. There are even hacks available
for older and current PDAs to behave as full-fledged
If you have a Mac OS (like OS 9) in your corporate environment,
there are already two worthy
candidatesAppleshare IP (www.apple.com) and QuickMail
Office (www.cesoft.com). Both these mail servers are
proprietary, but will play well within the Internet
definitions and protocols. The flip side of a mail server
like QuickMail Office is its proprietary interface,
which may prevent a legitimate administrator from using
protocols like Telnet and remote secure Web access to
administer the mail server.
It is also rather difficult to reboot the mail server
from a remote location, unless you use custom hardware
add-ons. The workaround is to have a secondary Mail
Exchange (MX) remotely hosted, which will allow mail
to always deliver to either the local OS 9 mail server
(primary MX) or to a remote secondary MX, should the
primary MX fails. My personal experience with QuickMail
Office is that it is rather robust, and very resistant
to intrusions and external hacks of almost any kind.
The only practical way to bring down a QuickMail Office
mail server running on OS 9-assuming you have disabled
Web sharing on the machine-is to bring down the Internet
Courier (www.courier-mta.org), besides offering the
usual protocols supported by most mail servers, also
offers ESMTP, SSL, HTTP, LDAP, and even Webmail and
mailing list support. It also comes with its own plug-in
mail filtering engine that can offer powerful mail filtering
capabilities for other MTAs. The mail filtering engine
is written in compiled C++ code, making it an efficient
and processor-friendly application that can handle large
amounts of mail without breaking.
The engine can work with standard mbox mailboxes, as
well as qmail's maildir format. While other mail server
solutions seem to target Unix or Unix-like OSes, a lesser
known mail server called Merak, from IceWarp Software
(www.icewarp.com), is a Microsoft Windows-specific mail
server. Besides the unique protocol and virtual domain
support, Merak also offers antivirus protection by interfacing
with most known antivirus programs, as well as providing
some open relay and spam prevention.
For Windows users a popular mail server is Microsoft
Exchange, but there are plenty of options available.
Alternative platforms offer more effective spam and
malware protection, due to the inability of Windows-specific
malware to intrude upon or wreck havoc on these lesser
used platforms. After all, mail exchange is a mission-critical
activity, and the lesser the problems, the better. There
is nothing frustrating than losing an e-mail that might
have meant a million-dollar contract.
Seamus Phan is research director at KnowledgeLabs News
Center (www.knowledgelabs.net), an independent technology
news bureau and writes for Network Computing-The Asian
Edition. He can be reached at email@example.com