The Practical SysAdmin – Email

As I mentioned here, I often find myself looking at the chosen solutions that I choose and wondering if they are truly in line with the Free and Open Source ideals that I advocate. There are times when the truly 100% FOSS solution just isn’t time-effective for the situation. To that end, at least in my own mind, I’m endeavoring to establish a new philosophy within the universe of System Administrators.

Practical Systems Administration (noun) – The philosophy of adopting open source applications and principles whenever possible, but allowing for the occasional closed-source if it is truly an innovative, cost, and time effective product.

So what does this mean? Most of the time, not much at all. In my experience, the vast majority of the time an open-source, community-driven product is going to be a much better long-term solution within your IT Group than closed-source or pay software. There is a great webcast and talk about it at here, with the CEO of Automattic (who make WordPress) and others.

But there are exceptions that can greatly affect your IT infrastructure. If taken advantage of, not only can you save time by not taking care of things that you don’t want or have to, but your company saves as well. The biggest example of being a Practical SysAdmin so far is with Email. You know it. Email, that bastion of corporate IT.

We’re not going to talk about Microsoft Exchange. Implementing that, and paying the small army to cajole it into relatively constant operation, is as closely akin to burning $50 bills as I can think.

There’s also Zimbra. Owned by VMWare, Zimbra has adopted an open-core business model. I’ve mentioned my dislike for this before, and it eliminates Zimbra as my email solution.

The truly open source solution for email is:

  • Get a box (or cluster) up and running as your ClamAV scanner
  • Get another box (or cluster) up and running as your SpamAssassian scanner
  • Set up a your outbound mail server (or cluster) – I like Postfix
  • Set up your inbound MTA (or cluster) for POP and IMAP access – I like Dovecot.
  • Don’t forget to set up your mail stores on some sort of shared storage
  • Set up something for webmail access – is roundcube still around?
  • String all of this together, including DNS that won’t land you on blacklists all the time. Don’t forget the SPF records.
For a company the size of mine (50 email-crazed employees), this would represent at least 6 physical servers, and hours every week to maintain and fix issues. It’s not a bad paycheck, I’ll happily admit. But I proved a long time ago that I could set up email for a company. There is no innovation in it, and there is no innovation in email for my company. At its absolute best-case, it’s a losing proposition.
There are some edge-cases, of course. If our company was big into email blitzes, a portion of what I outlined above might be a good idea. But we’re not. We use email like we use the telephone. We use it a lot, and we want it to “just work”.
Which leads us to the wonderful world of Google Enterprise Apps. For $50 per user/year, you get corporate access to Google’s Gmail platform, plus Google Docs, Reader, and about 80 other Google services. All tailored for your domain. So for our 50 users that’s $2500 annually for email. In the past year, the 2 people in the IT Group at my company has spent ~3 hours troubleshooting email issues. So out of ~4,000 hours of IT work, 3 or so were spent on email issues. And Google had a 99.84% uptime last year for the service. 2 people couldn’t provide that uptime percentage when running it all in-house (unless they were REALLY obsessed about email. Like, scary obsessed). It’s just not feasible.
The storage space is also worth considering. Each user gets 25GB of storage. To hold that in house, our mail store would have to be 1.25 TB (usable) for our current employee list. That’s also not counting spam queues or anything else.
Spam? How is YOUR gmail spam filter doing? Security? When was gmail actually hacked? I’m not talking about gmail USERS, but actually GMail. I don’t know of an example (If it exists, let me know).
There are likely some examples (I’m thinking of FISMA compliance nastiness with the government) that may make GMail not an option. But for 5AM Solutions, it’s an incredible return on a $2500 investment this year.
As for open source, no. Google Apps is NOT open source. Google IS one of the biggest contributors to the open source community in the world, but this project is not among them. There are attempts to re-create the usefulness of GApps as a purely open source platform (see OpenGoo – stil active?). But it’s not there yet, and with Googles pockets and desire to stay creative and innovative, it likely never will be there.