Solved

What are the risk of having a mail server?

Posted on 2006-07-19
6
333 Views
Last Modified: 2010-08-05
My management would like to monitor our staff's email content and traffic, thus one of my suppliers proposed to setup a mail server in our office to cater for such purposes.  His proposal is to use Merak Mail Server.  Being a management team member, i would like to know what are the potential risks and dangers or hassles of accepting such proposal.  Our comapny currently has about 40+ internet users, mainly using internet for emails, VOIP, and net surfing.  We do not have IT personnel in our company and the email solution we are using currently is webmail.  At the moment, we only control our internet traffic using router software.  We are running on broadband and fixed IP.
0
Comment
Question by:ohjani
6 Comments
 
LVL 6

Expert Comment

by:Nzarth
ID: 17136746
Could be a few, but depends on your local law:

You may need to let your staff know that their email is being monitored.  What extent is it being monitored for? Can staff be sacked/disciplined for email inappropiate material?

As far as hosting your own mail server, it would be best if you limit the access to that box from the outside to just your mail provider (for example if you use SMTP then limit port 25 to your mail providers IP address.
0
 
LVL 32

Accepted Solution

by:
jhance earned 25 total points
ID: 17137149
First of all, I'd like to STRONGLY discourage you from using the Merak email server product regardless of whether or not you choose to proceed.  While this product looks good on paper (or a web page) it's, in my experience at least, a poorly implemented and even more poorly supported mess.

While not supported a lot better, the ALT-N MDaemon package at least works better.  But from my experience you'll get much better results and support if you go with MS Exchange or even Windows Server's in-the-box SMTP/POP3 servers.  

You could also scrap the idea of using Windows as an email host and simply use a Linux box as your email host.

But since you mentioned that you have no in-house IT support, I'd strongly recommend against hosting your own email server at all.  Of all the things you might do, this probably takes more admin support than anything else and you will be very dependent on the outside contractor to do anything and everything.

If I were your consultant, based on your size and network I'd probably be recommending an outside-hosted email solution.  These do not have to be webmail although most do offer a webmail option which is handy.

I also don't see why you need to host internally to get a handle on what employees are doing.  Just about any of the network monitoring tools or appliances will capture email and webmail traffic regardless of where it's hosted.
0
 
LVL 5

Expert Comment

by:Dbergert
ID: 17138824
In short you don't want to do this, and you will what to use http://postini.com/postini_solutions/smb_archive_manager.php  with your existing email server.

With 40 employees I don't think you will really get much ROI, by purchasing a server that has some hardware redundancy, Anti-Virus Email Softwrae, Operating System, Anti-Spam, and the monitoring and administration that it will take to patch and harden and maintain the email server.   you also stated that you are running off of broadband, if you connection goes down, generarlly so will your email server.

The Postini Solution requires your ISP to perform some configuration changes to first have the email sent to them for archiving, spam, anti-virus, etc purposes and then forwarded on to your normal and current mail server nothing to change, and all of your email will be archived and avalable to view at postini.
0
 
LVL 32

Expert Comment

by:r-k
ID: 17142586
Yes, I would also suggest that you don't want your own mail server. Email is important enough and you are only asking for frequent downtime if you try to run it without competent local IT support.

Use one of the alternate suggestion already posted above.
0
 
LVL 1

Assisted Solution

by:masterhacker
masterhacker earned 25 total points
ID: 17291873
I agree a mail server is just asking for trouble.  I suggest going with software on each computer:

http://www.spectorcne.com/

You may not want to give anyone ideas though?
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question