To an organization, e-mail is arguably the most important Internet service. It cuts down the costs and hassle of communicating with people around the world. But if you want more flexibility and control of your e-mail than your Internet service provider can give you, you’ll need to run a mail server on your network.
At the most basic level, a mail server helps send and deliver e-mail messages. It accepts e-mail messages from people who have e-mail accounts on the server (your users), and figures out whether to deliver the messages to another user within your organization or to ask another mail server somewhere on the Internet to accept them. It also accepts e-mail messages from other mail servers on the Internet, and it decides whether to deliver them to users on your server, reject them as undeliverable or unwanted, or relay them to yet another mail server for delivery assistance. A mail server need not be on a dedicated machine — many organizations run e-mail, Web, and FTP services from one computer — but the more RAM your mail server has available to it, the faster and more efficient your e-mail service will be.
The stability of OS X makes it a fine platform for mail servers — it’s far better than OS 9, which has less-stable memory management. We evaluated four mail-server software packages available for OS X: 4D’s 4D Mail 5.3.2, Kerio Technologies’ Kerio MailServer 5.7.4, Stalker Software’s CommuniGate Pro 4.1.8, and Tenon Intersystems’ PostOffice 3.5.3. (Another mail server, Eudora Internet Mail Server, was released too late for inclusion in this review.) We also weighed the benefits of buying one of these products against those of using the mail-server software that ships with OS X (see “Built-in Alternatives”). To simulate a medium-sized business setting, we tested each product on a Power Mac G4 by creating 50 e-mail users, a handful of mail aliases, and a few mailing lists (on the mail servers that support them). While all four servers performed basic mail-server operations without fail, Kerio MailServer’s and CommuniGate Pro’s advanced features make them the best of the bunch.
Modern mail servers should let users send and receive e-mail from a variety of e-mail clients — such as Qualcomm’s Eudora, Microsoft Entourage, or Apple’s Mail — and they should communicate with other servers using recognized Internet protocols. All the servers we reviewed performed these tasks very well.
With the Internet becoming a much less trustworthy place, however, a mail server also needs to protect itself against unauthorized use, spam, and viruses. But it can’t completely shut itself off from the world, as telecommuters and other travelers often need to send and receive e-mail through it, either via a secure authorized connection or through a Web interface. The more flexible your mail server, the happier you and your users will be.
Setting It Up
All four products were easy to install. After installation, it’s time to set up your new mail server using its administration interface. MailServer’s Administration Console was a wonderfully intuitive, easy-to-use OS X application. You can control all of MailServer’s features through its Administration Console, which you can install on a remote machine so administrators don’t need to be on-site to monitor the server and make changes. Of the four servers we reviewed, MailServer will give you the least setup trouble.
4D Mail’s administration interface is the 4D WebStar Launcher’s Admin Client. This is also a well-designed and easy-to-use OS X application. 4D Mail is divided into three separate servers: the Admin Server, for controlling who is allowed to make administrative changes; the SMTP Server, which handles communication between e-mail servers; and the Mailbox Server, which stores messages that users will read with an e-mail client.
PostOffice uses a Web-based administration interface, so you can administer your mail server from a Web browser on any platform. This interface is as organized and clean as a Web-based interface can be; it’s divided neatly into account-administration, mailing-list, and server-configuration areas. But navigation is not consistent throughout — some pages don’t include a Back or a Home link. An administrator can also configure PostOffice by sending e-mail directly to the server, useful for administrators with portable e-mail devices.
CommuniGate Pro also has a Web interface for administration, and it makes the product’s flexibility and complexity readily apparent. There are so many options — some that a mail administrator may never need to understand — on every screen that a novice mail administrator can easily get lost. But even a quick tour through the pages shows that CommuniGate Pro is a very powerful piece of software — this is e-mail serving for serious pros.
Users and Control
Creating user accounts was fairly easy on all four mail servers, which store user information in their databases. MailServer allows synchronization with Apple’s Open Directory,
a Microsoft Windows NT 4.0 domain, or Microsoft’s Active Directory. And CommuniGate Pro can also integrate with an existing LDAP directory, bringing the elegance of a central user database to your e-mail server.
E-mail users often want to change the way their mail is handled, such as forwarding messages to another e-mail address or sending an autoreply message when they don’t plan to check their mail for a while. PostOffice lets users use its well-designed Web interface to control most aspects of e-mail delivery, and to change personal information and passwords. CommuniGate Pro gives users similar control over their accounts, though the Web interface here is as crowded and as complex as the administrative interface. 4D Mail and MailServer, however, don’t give users any control over their own accounts.
These e-mail servers also give users access to their e-mail via a Web browser. PostOffice comes with ten client licenses for WebEdge (which costs $500 if you have more than ten users). WebEdge works much like Yahoo Mail; it has a spelling checker, an address book, and a well-designed calendar. 4D Mail includes 4D WebMail, a separate server that allows Web access. WebMail runs independently of the mail server, so you have to take the extra step of importing the user database from 4D Mail before enabling Web access. CommuniGate Pro’s Web client is not handsome, but it’s certainly feature-rich. We were impressed by MailServer’s Web client. The cleanest and best designed of the four, it’s good enough to make you think of using it instead of your regular e-mail client.
From One to Many
When you want to send messages to multiple recipients, mail servers can provide shortcuts: they let you create aliases and mailing lists, which are two ways of sending e-mail to one e-mail address that represents another or many other e-mail addresses. Aliases are administrator-created shortcuts to one or more e-mail addresses. As for mailing lists, users can manage, create, and administer them, and let anyone interested in being part of the list add themselves and control their options by sending e-mail messages to the mail server, even if they don’t have an account on the server. Mailing lists (or listservs) are a good way to let outside people participate in discussion groups, and the ease with which they can participate is important.
All four products let an administrator easily create aliases, but 4D Mail had a quirk — it wouldn’t let an administrator add users to an alias until the administrator created an empty alias. MailServer and CommuniGate Pro also provide groups, special e-mail aliases consisting only of MailServer users. MailServer, PostOffice, and CommuniGate Pro also let the administrator add new users to aliases when their accounts are created, which is a time-saving step.
Both PostOffice and MailServer provide superior control over mailing lists, with options for setting them up, as well as options for subscribing and posting, requiring moderation of posts, adding headers and footers, and enabling automatic replies to messages. These two servers and CommuniGate Pro allow people interested in your e-mail list to subscribe, participate, and set options completely through e-mail, keeping the need for administration to a minimum. 4D Mail doesn’t provide mailing-list capabilities.
Sending and Receiving
All four mail servers use standard Internet protocols to get e-mail where it needs to go: SMTP (Simple Mail Transfer Protocol), POP (Post Office Protocol), and IMAP (Internet Message Access Protocol).
4D Mail and PostOffice use these three protocols and encrypt the POP password. But these protocols send messages in unencrypted clear text, so a machine on the same network as the server and client can potentially read information in transit. Using a secure connection to exchange passwords and transfer e-mail is one of the simplest ways an organization can protect itself from information theft.
MailServer and CommuniGate Pro solve the security problem by including services that use the Secure Sockets Layer (SSL) protocol to encrypt information between the server and the client. Both create a default SSL certificate during installation to provide basic encryption. MailServer includes a certificate-creation wizard for making more-authoritative certificates that prove the identity of your e-mail server to clients that connect to it.
With e-mail spam and viruses at epidemic levels, mail servers need to be choosy about the mail they accept. You can’t keep spammers from knocking at your door, but you should certainly be able to keep them out. 4D Mail offers several methods of identifying possible spam. You can subscribe to DNS blacklists — centralized lists of IP addresses and domains that have been used to send unsolicited mail in the past — and reject mail sent from blacklisted addresses, sending back a short message explaining the rejection. The server can also be configured to enforce reverse IP lookup matching, which will reject mail from IP addresses that pretend to be from a different Internet domain.
4D Mail also lets you create filters that search for certain words or phrases in e-mail headers (for example, they’ll look for Viagra or Valium in a message’s subject line). But trying to keep up with spam by manually creating e-mail–header filters will quickly wear down the patience of an e-mail administrator. PostOffice does 4D Mail one better by including all of 4D Mail’s antispam capabilities and SpamAssassin (www.spam assassin.org), a free, open-source mail-
filter package that uses a variety of techniques including Bayesian filtering, which is based on a form of statistical analysis. Tenon provides no documentation on customizing SpamAssassin for use with PostOffice or adjusting its rules for your mail server, but a Web search will uncover tutorials by users who have managed to customize their PostOffice-SpamAssassin setups.
MailServer includes the SpamEliminator engine, which assigns e-mail messages a numeric spam score based on various factors. You can configure the server to tag mail with a certain score as spam, and then to either alter the subject line (for example, adding **SPAM** to alert users), or to silently discard the message.
CommuniGate Pro users can download the SpamCatcher plug-in from Stalker’s Web site — you can also use SpamAssassin with CommuniGate Pro, but it’s difficult to set up. SpamCatcher is priced according to the number of messages per hour you’d like to scan for spam — for example, $279 buys you 50 messages per hour, and $559 buys you 150 messages per hour. Like just about everything else in CommuniGate Pro, SpamCatcher is not straightforward to configure, but it provides increased customization and control to administrators who don’t mind reading extra pages in the manual and editing text files in OS X’s Terminal.
Macs aren’t nearly as susceptible to e-mail–borne viruses as Windows machines are, but some of your users will probably use Windows. So your mail server should protect against viruses. Many viruses can be avoided simply by refusing attachments with certain file-name extensions (.exe, .bat, and .scr, for example), but true virus protection requires that you fully scan all e-mail parts. PostOffice fails this test because it lacks an easy way to integrate with existing antivirus software. Tenon’s Web site claims that some of its customers have created scripts, for McAfee’s Virex, that scan e-mail before it is delivered to users. But this method still allows viruses to be accepted by the mail server before the script runs.
Fortunately, the other three mail servers provide virus protection. 4D Mail will determine whether Virex ($35 per server for a two-year subscription, from McAfee) is present during installation, and it will let you scan all the messages going through your mail server if you choose that option. CommuniGate Pro users can download plug-ins that incorporate Sophos Anti-Virus ($349 for 50 messages per hour, $699 for 150 messages per hour) or McAfee Anti-Virus ($399 for 50 messages per hour, $799 for 200 messages per hour), whose installation and configuration are as complex as SpamCatcher’s but whose results are excellent. You can download a version of MailServer with McAfee Anti-Virus already installed, with which you can automatically schedule downloads of new virus definitions. This option provides the most hassle-free virus protection of the four servers. Adding antivirus capabilities to MailServer costs between $14 per user for a 20-mailbox license and $4 per user for a 1,020-mailbox license.
Macworld’s Buying Advice
All four e-mail servers will serve certain organizations well. 4D Mail will integrate with existing WebStar and 4D applications, but it has no secure services and no advanced spam control — huge drawbacks. PostOffice is a good choice for organizations that want administration to be as hands-off as possible, and that want to let users and the people on users’ mailing lists control configuration as much as possible — but we’re wary of its lack of secure services and its omission of spam control. CommuniGate Pro is the best choice for very large organizations with money to spend and administrators who want the most control under the hood. And Kerio MailServer, with its dedication to security, ease of administration, and flexibility, is simply spectacular right out of the box.
Why spend money on one of these mail servers when you can get one for free? OS X has always included a mail server. Postfix (in Panther) and Sendmail (in all earlier OS X releases) are powerful open-source mail servers that have run on Unix machines for years.
But without various add-ons and plug-ins, and a lot of obscure knowledge, you can’t do much with either of them. To use them as full-fledged mail servers, you’ll need to edit text configuration files, using documentation found on the Postfix and Sendmail Web sites and in the additional software packages. This will likely be daunting even for simple configurations.
There’s another way to make OS X’s mail server work for you — upgrade to Mac OS X Server 10.3. Of course, this removes the free aspect (it costs $999 for unlimited clients). Panther Server provides Mail Services, which includes Postfix for SMTP, Cyrus IMAP for IMAP/POP, and SSL encryption for them all. Mail Services also adds SquirrelMail, a Web-based e-mail client, and GNU Mailman, a powerful mailing-list package. The best news is that you control all of Mail Services’ components through a GUI, staying far from the nasty innards of text-based configuration files.
You configure Mail Services through the Server Admin interface, which allows easy setup and control of core mail services — for example, you can add authentication and secure connections to POP, IMAP, and SMTP traffic by selecting options. Spam and virus control is provided only through DNS blacklists, but administrators comfortable with OS X’s
Terminal application can configure Postfix to use third-party or open-source software such as SpamAssassin and MIMEDefang (www .mimedefang.org). Management of Mailman mailing lists is straightforward and intuitive. And SquirrelMail’s clean and customizable design means that you won’t spend much time explaining to e-mail users how to read their mail in a Web browser.
Mac OS X Server 10.3 won’t be an attractive option for small organizations. However, its powerful and stable e-mail service is a very good choice for medium and large groups with hardware horsepower sufficient for running the software smoothly.