Solved

What are the risk of having a mail server?

Posted on 2006-07-19
6
326 Views
Last Modified: 2010-08-05
My management would like to monitor our staff's email content and traffic, thus one of my suppliers proposed to setup a mail server in our office to cater for such purposes.  His proposal is to use Merak Mail Server.  Being a management team member, i would like to know what are the potential risks and dangers or hassles of accepting such proposal.  Our comapny currently has about 40+ internet users, mainly using internet for emails, VOIP, and net surfing.  We do not have IT personnel in our company and the email solution we are using currently is webmail.  At the moment, we only control our internet traffic using router software.  We are running on broadband and fixed IP.
0
Comment
Question by:ohjani
6 Comments
 
LVL 6

Expert Comment

by:Nzarth
ID: 17136746
Could be a few, but depends on your local law:

You may need to let your staff know that their email is being monitored.  What extent is it being monitored for? Can staff be sacked/disciplined for email inappropiate material?

As far as hosting your own mail server, it would be best if you limit the access to that box from the outside to just your mail provider (for example if you use SMTP then limit port 25 to your mail providers IP address.
0
 
LVL 32

Accepted Solution

by:
jhance earned 25 total points
ID: 17137149
First of all, I'd like to STRONGLY discourage you from using the Merak email server product regardless of whether or not you choose to proceed.  While this product looks good on paper (or a web page) it's, in my experience at least, a poorly implemented and even more poorly supported mess.

While not supported a lot better, the ALT-N MDaemon package at least works better.  But from my experience you'll get much better results and support if you go with MS Exchange or even Windows Server's in-the-box SMTP/POP3 servers.  

You could also scrap the idea of using Windows as an email host and simply use a Linux box as your email host.

But since you mentioned that you have no in-house IT support, I'd strongly recommend against hosting your own email server at all.  Of all the things you might do, this probably takes more admin support than anything else and you will be very dependent on the outside contractor to do anything and everything.

If I were your consultant, based on your size and network I'd probably be recommending an outside-hosted email solution.  These do not have to be webmail although most do offer a webmail option which is handy.

I also don't see why you need to host internally to get a handle on what employees are doing.  Just about any of the network monitoring tools or appliances will capture email and webmail traffic regardless of where it's hosted.
0
 
LVL 5

Expert Comment

by:Dbergert
ID: 17138824
In short you don't want to do this, and you will what to use http://postini.com/postini_solutions/smb_archive_manager.php  with your existing email server.

With 40 employees I don't think you will really get much ROI, by purchasing a server that has some hardware redundancy, Anti-Virus Email Softwrae, Operating System, Anti-Spam, and the monitoring and administration that it will take to patch and harden and maintain the email server.   you also stated that you are running off of broadband, if you connection goes down, generarlly so will your email server.

The Postini Solution requires your ISP to perform some configuration changes to first have the email sent to them for archiving, spam, anti-virus, etc purposes and then forwarded on to your normal and current mail server nothing to change, and all of your email will be archived and avalable to view at postini.
0
 
LVL 32

Expert Comment

by:r-k
ID: 17142586
Yes, I would also suggest that you don't want your own mail server. Email is important enough and you are only asking for frequent downtime if you try to run it without competent local IT support.

Use one of the alternate suggestion already posted above.
0
 
LVL 1

Assisted Solution

by:masterhacker
masterhacker earned 25 total points
ID: 17291873
I agree a mail server is just asking for trouble.  I suggest going with software on each computer:

http://www.spectorcne.com/

You may not want to give anyone ideas though?
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques. This attack comes as a nightmare trifecta for email filtering services; sent from a familiar contact, using authentic tone and verbi…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question