IntroductionTo an organization, email is arguably the most important Internet service. It cuts down the costs and hassle of communicating with people around the world. But if you want more flexibility and control over email than your Internet service provider can give you, you'll need to run a mail server on your network. At the most basic level, a mail server helps send and deliver email messages. It accepts email messages from people who have email accounts on the server (your users), and figures out whether to deliver the messages to another user within your organization or to ask another mail server somewhere on the Internet to accept them. It also accepts email messages from other mail servers on the Internet, and it decides whether to deliver them to users on your server, reject them as undeliverable or unwanted, or relay them to yet another mail server for delivery assistance. A mail server need not be on a dedicated machine - many organizations run email, Web and FTP services from one computer - but the more RAM your mail server has available to it, the faster and more efficient your email service will be. The stability of OS X makes it a fine platform for mail servers - it's far better than OS 9, which has less-stable memory management. We evaluated four mail-server software packages available for OS X: 4D's 4D Mail 5.3.2, Kerio Technologies' Kerio Mail-Server 5.7.4, Stalker Software's CommuniGate Pro 4.1.8, and Tenon Intersystems' PostOffice 3.5.3. (Another mail server, Eudora Internet Mail Server, was released too late for inclusion in this review.) We also weighed the benefits of buying one of these products against those of using the mail-server software that ships with OS X (see “Built-in alternatives”). To simulate a medium-sized business setting, we tested each product on a Power Mac G4 by creating 50 email users, a handful of mail aliases, and a few mailing lists (on the mail servers that support them). While all four servers performed basic operations without fail, Kerio MailServer's and CommuniGate Pro's advanced features make them the best of the bunch. The basics
Modern mail servers should let users send and receive email from a variety of applications - such as Qualcomm's Eudora, Microsoft Entourage, or Apple's Mail - and they should communicate with other servers using recognized Internet protocols. All the servers we reviewed here performed these tasks well. With the Internet becoming a much less trustworthy place, however, a mail server also needs to protect itself against unauthorized use, spam, and viruses. But it can't completely shut itself off from the world, as telecommuters and other travellers often need to send and receive email through it, either via a secure authorized connection or through a Web interface. The more flexible your mail server, the happier you and your users will be. All four products were easy to install. After installation, it's time to set up the new mail server using its administration interface. MailServer's Administration Console was a wonderfully intuitive, easy-to-use OS X application. You can control all of MailServer's features through its Administration Console, which can be installed on a remote machine - so administrators don't need to be on-site to monitor it or make changes. Of the four servers we reviewed, MailServer will give you the least setup trouble. 4D Mail's administration interface is the 4D WebStar Launcher's Admin Client. This is also a well-designed and easy-to-use OS X application. 4D Mail is divided into three separate servers: the Admin Server, for controlling who is allowed to make administrative changes; the SMTP Server, which handles communication between email servers; and the Mailbox Server, which stores messages that users will read with an email client. PostOffice uses a Web-based administration interface, so you can administer a mail server from a Web browser on any platform. This interface is as organized and clean as a Web-based interface can be; it's divided neatly into account-administration, mailing-list, and server-configuration areas. But navigation isn't consistent throughout - some pages don't include a Back or a Home link. An administrator can also configure Post-Office by sending email directly to the server, useful for administrators with portable email devices. CommuniGate Pro also has a Web interface for administration, and it makes the product's flexibility and complexity readily apparent. There are so many options - some that a mail administrator may never need to understand - on every screen that a novice mail administrator can easily get lost. But even a quick tour through the pages shows that CommuniGate Pro is a very powerful piece of software - this is email serving for serious pros. Users and control
Creating user accounts was fairly easy on all four mail servers, which store user information in their databases. MailServer allows synchronization with Apple's Open Directory, a Microsoft Windows NT 4.0 domain, or Microsoft's Active Directory. And CommuniGate Pro can also integrate with an existing LDAP directory, bringing the elegance of a central user database to your email server. Email users often want to change the way their mail is handled, such as forwarding messages to another email address or sending an autoreply message when they don't plan to check their mail for a while. PostOffice's well-designed Web interface can control most aspects of email delivery, including changing personal information and passwords. CommuniGate Pro gives users similar control over their accounts, though the Web interface here is as crowded and as complex as the administrative interface. 4D Mail and MailServer, however, don't give users any control over their own accounts. These email servers also give users access to their email via a Web browser. 4D Mail includes 4D WebMail, a separate server that allows Web access. WebMail runs independently of the mail server, so you have to take the extra step of importing the user database from 4D Mail before enabling Web access. CommuniGate Pro's Web client is not handsome, but it's certainly feature-rich. From one to many
When you want to send messages to multiple recipients, mail servers can provide shortcuts: they let you create aliases and mailing lists, which are two ways of sending email to one address that represents another or many other email addresses. Aliases are administrator-created shortcuts to one or more email addresses. As for mailing lists, users can manage, create, and administer them, and let anyone interested in being part of the list add themselves and control their options by sending email messages to the mail server, even if they don't have an account on the server. Mailing lists (or listservs) are a good way to let outside people participate in discussion groups, and the ease with which they can participate is important. All four products let an administrator easily create aliases, but 4D Mail had a quirk - it wouldn't let an administrator add users to an alias until the administrator created an empty alias. MailServer and CommuniGate Pro also provide groups, special email aliases consisting only of MailServer users. MailServer, PostOffice, and CommuniGate Pro also let the administrator add new users to aliases when their accounts are created, which is a time-saving step. Both PostOffice and MailServer provide superior control over mailing lists, with options for setting them up, as well as options for subscribing and posting, requiring moderation of posts, adding headers and footers, and enabling automatic replies to messages. These two servers and CommuniGate Pro allow people interested in your email list to subscribe, participate, and set options completely through email, keeping the need for administration to a minimum. 4D Mail doesn't provide mailing-list capabilities. All four mail servers use standard Internet protocols to get email where it needs to go: SMTP (Simple Mail Transfer Protocol), POP (Post Office Protocol), and IMAP (Internet Message Access Protocol). 4D Mail and PostOffice use these three protocols and encrypt the POP password. But these protocols send messages in unencrypted clear text, so a machine on the same network as the server and client can potentially read information in transit. Using a secure connection to exchange passwords and transfer email is one of the simplest ways an organization can protect itself from information theft. MailServer and CommuniGate Pro solve the security problem by including services that use the Secure Sockets Layer (SSL) protocol to encrypt information between the server and the client. Both create a default SSL certificate during installation to provide basic encryption. MailServer includes a certificate-creation wizard for making more-authoritative certificates that prove the identity of your email server to clients that connect to it. Spam catching
With email spam and viruses at epidemic levels, mail servers need to be choosy about the mail they accept. You can't keep spammers from knocking at your door, but you should certainly be able to keep them out. 4D Mail offers several methods of identifying possible spam. You can subscribe to DNS blacklists - centralized lists of IP addresses and domains that have been used to send unsolicited mail in the past - and reject mail sent from blacklisted addresses, sending back a short message explaining the rejection. The server can also be configured to enforce reverse IP lookup matching, which will reject mail from IP addresses that pretend to be from a different Internet domain. 4D Mail also lets you create filters that search for certain words or phrases in email headers (for example, they'll look for Viagra or Valium in a message's subject line). But trying to keep up with spam by manually creating email-header filters will quickly wear down the patience of an email administrator. Post-Office does 4D Mail one better by including all of 4D Mail's antispam capabilities and Spam-Assassin (www.spamassassin.org), a free, open-source mail-filter package that uses a variety of techniques including Bayesian filtering, which is based on a form of statistical analysis. Tenon provides no documentation on customizing SpamAssassin for use with Post-Office or adjusting its rules for your mail server, but a Web search will uncover tutorials by users who have managed to customize their PostOffice-SpamAssassin setups. MailServer includes the SpamEliminator engine, which assigns email messages a numeric spam score based on various factors. You can configure the server to tag mail with a certain score as spam, and then to either alter the subject line (for example, adding **SPAM** to alert users), or to silently discard the message. CommuniGate Pro users can download the SpamCatcher plug-in from Stalker's Web site - you can also use SpamAssassin with CommuniGate Pro, but it's difficult to set up. Spam-Catcher is priced according to the number of messages per hour you'd like to scan for spam - for example, $279 buys you 50 messages per hour, and $559 buys you 150 messages per hour. Macs aren't nearly as susceptible to email-borne viruses as Windows machines are, but some of your users will probably use Windows - so your mail server should protect against viruses. Many viruses can be avoided simply by refusing attachments with certain file-name extensions (.exe, .bat, and .scr, for example), but true virus-protection requires that you fully scan all email parts. PostOffice fails this test because it lacks an easy way to integrate with existing antivirus software. Tenon's Web site claims that some of its customers have created scripts for McAfee's Virex that scan email before it is delivered to users. But this method still allows viruses to be accepted by the mail server before the script runs. Fortunately, the other three mail servers provide virus protection. 4D Mail will determine whether Virex ($35 per server for a two-year subscription from McAfee) is present during installation, and it will let you scan all the messages going through your mail server if you choose that option. CommuniGate Pro users can download plug-ins that incorporate Sophos Anti-Virus ($349 for 50 messages per hour, $699 for 150 messages per hour) or McAfee Anti-Virus ($399 for 50 messages per hour, $799 for 200 messages per hour), whose installation and configuration are as complex as SpamCatcher's but whose results are excellent. You can download a version of MailServer with McAfee Anti-Virus already installed, with which you can automatically schedule downloads of new virus definitions. This option provides the most hassle-free virus protection of the four servers. Adding antivirus capabilities to MailServer costs between $14 per user for a 20-mailbox license and $4 per user for a 1,020-mailbox licence. Built-in alternatives: mail servers
Why spend money on one of these mail servers when you can get one free? OS X has always included a mail server. Postfix (in Panther) and Sendmail (in all earlier OS X releases) are powerful open-source mail servers that have run on Unix machines for years. But without various add-ons and plug-ins, and a lot of obscure knowledge, you can’t do much with either of them. To use them as full-fledged mail servers, you’ll need to edit text configuration files, using documentation found on the Postfix and Sendmail Web sites and in the additional software packages. This will likely be daunting even for simple configurations. There’s another way to make OS X’s mail server work for you – upgrade to Mac OS X Server 10.3. Of course, this removes the free aspect (it costs $999 for unlimited clients). Panther Server provides Mail Services, which includes Postfix for SMTP, Cyrus IMAP for IMAP/POP, and SSL encryption for them all. Mail Services also adds SquirrelMail, a Web-based email client, and GNU Mailman, a powerful mailing-list package. The best news is that you control all of Mail Services’ components through a GUI, staying far from the nasty innards of text-based configuration files. You configure Mail Services through the -Server Admin interface, which allows easy setup and control of core mail services – for example, you can add authentication and secure connections to POP, IMAP, and SMTP traffic by selecting options. Spam and virus control is provided only through DNS blacklists, but administrators comfortable with OS X’s Terminal application can configure Postfix to use third-party or open-source software such as Spam-Assassin and MIMEDefang (www.mimedefang.org). Management of Mailman mailing lists is straightforward and intuitive. And SquirrelMail’s clean and customizable design means that you won’t spend much time explaining to email users how to read their mail in a Web browser. Mac OS X Server 10.3 won’t be an attractive option for small organizations. However, its powerful and stable email service is a very good choice for medium and large groups with hardware horsepower sufficient for running the software smoothly.