# new enterprise mail system

## morphal

I'm looking to improve my new employer's mail system.

My predecessor built a Postfix/Dovecot system on RHEL4 with a Barracuda appliance as a spam filter. I would like to build something completely self-contained and eliminate dependence on the Barracuda device as well as migrate to a Linux distro I find more palatable.

I'm looking at this HOWTO but I was eyeing it up long before I got this job. It could be out of date or it might not be the solution I think it is.

I don't know enough about the Barracuda devices to be sure of what I'm giving up if I get rid of the one we have. Any ideas on how the above HOWTO-system compares? I see tons of guides, HOWTOs, suggestions, preferences, etc. that talk about any number of different ways to set up a mail system and they can't all be the best system ever.

The one catch that I'm certain no email-HOWTO I've ever seen has addressed is how to go about sensibly archiving email. My employer would like a copy of every email archived somewhere for safe-keeping. We're not spying on anyone, I don't want any kind of automated flags going if someone sends a joke they're not supposed to. It's an enterprise environment, we need some way to go back and examine things if something unusual happens. For example: Just the other day the president of the company got a rather legitimate-seeming email that said he had been identified as a source of spam. I flipped up the log and looked at the stuff he'd been sending and I saw no trace of spam. I gave his computer a couple good scans anyway. He was clean. I was also able to spot some error reports that had been ignored for months because they were being mailed to a company we outsourced to that hadn't ever looked into the problem.

Our current method for this involves every email being BCCed to a dummy account that is then checked with Outlook. Our "archive" is a giant inbox. This isn't really feasible for the long term.

For specifics: We've got about 50 users with a few hundred emails a day. We're not looking to filter anything based on content so long as it's virus-free and not spam. We've got users in four cities but I don't believe they have much in the way of infrastructure at the branches, just basic net access and maybe a hardware firewall (I'm new and I haven't been there yet.) Will the above HOWTO meet my needs? If not, where can I turn? If so, I should be able to run it on the same hardware as the current mail system, yes?

Also, let's assume I find a system that meets my needs and I successfully implement it in a test setup. Is there a good way to migrate things from one system to the other? I'm fine with having my users offline for a bit but I want to make sure no mail is lost in the process and mail sent to my users during the migration will be successfully delivered when they are able to reconnect, i.e. our business partners won't have any emails bounced back to them because our mail system was down.

Eventually, I'd like to replace this silly thing as well, but one problem at a time 'ey?

Last edited by morphal on Tue Oct 31, 2006 7:22 pm; edited 1 time in total

----------

## morphal

Hm ... is it too big of a question? Should I ask lots of smaller, disassociated questions in several different posts and leave out details to make it seem less daunting?

----------

## bludger

I don't know if this is what you are looking for, but I just use rdiff-backup to back up the mail directories to a remote server. It has the advantage that it performs an incremental backup, recording versions for each file. This means that it is possible to recover deleted files. So if a user deletes all of their old mails and then later wants to see the mails from 6 months ago, it is possible to recover their mail directory from that date.

http://www.nongnu.org/rdiff-backup/features.html

----------

## morphal

Ah, that's a good step in the right direction.

How is that really going to work with lots of dynamic connections and mail being received, sent, and deleted fairly constantly throughout the day?

They'll be using POP3 and that deletes the mail from the server itself, yes? Or am I demonstrating my noobishness again? Perhaps I'm just unfamiliar with the actual function of rdiff-backup. I'm reading through the documentation and it seems like I'd run it as a cronjob, not an actual daemon. If that's the case, won't it have a problem archiving changes that could be happening several times a minute?

Edit: Yeah, I know that's how it works. I had a momentary lapse of sense. There's not much of a file to back up once they download their mail to Outlook or whatever. Perhaps I should create a user that has read access to shared folders containing their Outlook info? That still seems awkward but at least it's less hack-ish than the current nonsense.

----------

## bludger

Sorry for the late reply.

If you have a system which has a lot of open files being written to constantly, you might want to take a look at this:

http://tldp.org/HOWTO/LVM-HOWTO/snapshots_backup.html

I haven't tested it myself, but it looks like something that should work.

----------

## bludger

 *bludger wrote:*   

> Sorry for the late reply.
> 
> If you have a system which has a lot of open files being written to constantly, you might want to take a look at this:
> 
> http://tldp.org/HOWTO/LVM-HOWTO/snapshots_backup.html
> ...

Just be careful that you have a version of LVM that is compatible with your kernel. I did not and it hung when I tried to remove the snapshot. I ended up having to reboot from a system rescue CD with LVM on it, to remove the snapshot. Phew.

----------

## Genone

I wouldn't recommend a file-based solution for mail archiving purposes (file-based solutions just archive a given state, which is insufficient for scenarios like this with a high rate of changes). That should be handled at the MDA level. Can't give you specific instructions, but your old solution doesn't sound so bad in general. If filesize is the problem you could rotate them and/or create a separate archive account for each user.

----------

## Rad

I concur with Genone's opinion. I'd just like to add that if for some reason a mailbox is absolutely not good enough, most MTAs actually allow you to hook scripts to process mails. They are generally used for spam filters and such, but I think you can do anything with them...

----------
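What Genone and Rad describe (archiving at delivery time, rotated and split per user), as an added example that is not part of any post in this thread: a script that an MTA or MDA hook could pipe each message into. The function names, the `<root>/<recipient>/<YYYY-MM>/` layout and `manifest.log` are assumptions made for this sketch, and how the script is wired into the mail server is left to the site's own configuration.

```python
import hashlib
import mailbox
import re
import sys
from datetime import datetime, timezone
from email import message_from_bytes
from pathlib import Path

# Constructed sample message, for illustration only.
SAMPLE = (b"From: president@example.com\nTo: partner@example.net\n"
          b"Message-ID: <constructed-1@example.com>\n"
          b"Subject: Quarterly report\n\nSee attached.\n")

UNSAFE = re.compile(r"[^a-z0-9._@+-]")


def safe_name(recipient: str) -> str:
    """Turn an envelope recipient into a directory name; it is untrusted input."""
    name = UNSAFE.sub("_", recipient.strip().lower()).lstrip(".")
    return name or "unknown"


def archive_message(raw: bytes, recipient: str, root, now=None) -> Path:
    """Store one message in <root>/<recipient>/<YYYY-MM>/ and record its SHA-256."""
    now = now or datetime.now(timezone.utc)
    box_dir = Path(root) / safe_name(recipient) / now.strftime("%Y-%m")
    box_dir.parent.mkdir(parents=True, exist_ok=True)
    box = mailbox.Maildir(str(box_dir), create=True)  # one Maildir per month
    key = box.add(raw)  # written under tmp/, then moved into new/
    # Collapse whitespace so a folded header cannot forge extra manifest lines.
    msg_id = " ".join(str(message_from_bytes(raw).get("Message-ID", "-")).split())
    digest = hashlib.sha256(raw).hexdigest()
    with open(box_dir / "manifest.log", "a", encoding="utf-8") as log:
        log.write(f"{now.isoformat()} {digest} {key} {msg_id}\n")
    return box_dir / "new" / key


if __name__ == "__main__":
    # Usage: archive.py <envelope-recipient> <archive-root>, message on stdin.
    print(archive_message(sys.stdin.buffer.read(), sys.argv[1], sys.argv[2]))
```

Because each month is its own Maildir, old months can be compressed or moved to offline storage without touching the live one, and the manifest digests let a later investigation confirm that an archived message is unchanged.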

