Confused ?!?

[Duane Abrames]

Hello,

I'm working with a 30-day eval, and I have some confusion going on.

Let me give some backbround.

We're a Systems Integrator/Managed Service provider, and one of the services we provide to our clients is ISP services, and POP email services. Of course that means we have to have an e-mail server. Our current solution is spread over two servers, one a very old Sendmail box running on an old version of Red Hat. The other is xmail server running on windows 2003. The xmail is a great mail server, it's small, fast, and no-nonsense, and I've written a couple of filters for it that make it do just what we want with the incoming mail. Unfortunately, it has no webmail that's worth a darn, and I'm the only one who can trobleshoot anything more complicated than a lost password. We have already been looking at replacing IIS's FTP service with something else, to get some address space back on our web farm, since every darn customer who has been given FTP is consuming an IP right now, even if their site is host-headered with a bunch of others. Ability FTP was one of the products on our radar for that project, and so I came across the mail server package, and the rather attractive bundled price...

So far, I have installed the product in demo mode on my Vista machine, and played around with it quite a bit, trying to see how we can duplicate some of the functions that we need within the framework of this package. I have ot come up with much that I cannot fogure out, but one thing is stumping me when I thought I had pretty much figured out how things worked. I have used the CSV import function (after spending an hour hacking up a csv exporter for xmail) to create 10 of my domains (the demo limit) with a total of 99 users. I was playing around with various options when I came across the "Encrypt Passwords When Saving to File or ODBC" which is of course, on by default. I do have a couple of customers who have 100+ users, and they prefer to be able to look up a users' password rather than just resetting it. I thought about just turning that option off, and just deal with managing the security of the data in some other ways. I turned it off, and though to myself "I wonder if that just decrypted the existing passwords?", so I went to the program directory to check out the config files. This is when my confusion set in. I have 99 users, and 10 domains, but my domains.ini only shows the original domain I created by hand, and users.ini only has one user in it. I thought perhaps the information had not been flushed to disk, and so I exited the mail server and came back, but the files did not change, but the accounts and domains were still all showing in the software. Where is this info being stored? Would changing that option have decrypted all existing passwords, or are encrypted and unencrypted passwords able to cohabitate?

One other question I have is a bit of a scenario. We resell an off-site spam filtering service, which some (but not all) of my hosted e-mail customers use. In order for such a system to be effective, it requires that all mail for the filtered domains be restricted to coming from the service's mail servers. Usually they tell end users who host their own mail on their own server to
reject connections from everywhere else at the firewall or SMTP connection level, but in a multi-domain environment, I can't really do that. I have suggested to management that we roll the spam filtering service into our email box pricing, and require everyone to have it, but I don't think that will fly. In my xmail server, I have a custom filter that runs in the pre-data state. It checks to see if the message's recpients are in one of the spam-service domains, and then checks the source IP against their list of outbound servers if they fail the test, then we 550 reject the message. It looks like I can do something of the sort with content filtering rules, but there will be a lot of conditions, and it all happens post-data. Is there some other way to accomplish this task?

[Duane Abrames]

Also, is there no UI to view (and/or manipulate) the outbound mail queue?

[rob]

Thank you for your interest in Ability Mail Server.

The user list is by default stored in the users.ini. However, on vista this can be a little misleading because if the software is not run in adminstrator mode, Vista 'protects' the program files folder from changes and places the files in some virtual user file system (the files actually end up in your User folder some where within a database like file). What we recommend is that you run the software in Adminstrator mode to ensure the program files directory is the actual location used. This will also improve performance on Vista.

As to your filtering requirement. Content filtering presently is only run after the mail has actually arrived, and so it is not presently possible to manipulate the SMTP responses as they connection has usually closed already at that point. The possible alternatives include generating a new mail which will get placed in the outgoing mail queue. However, I would not recommend this due to the large volume of bounce messages that could potentially flood your outmail queue. However, if the MX records do not reference your mail server for those domains, no mail should ever arrive and so it may be acceptable to simply delete or direct the mails to a specially created junk user on the domain.

Presently there is no way to access and view the outgoing mail queue, although this is in our plans for addition in the future (no date yet sorry).

[Duane Abrames]

Thanks for the response. I think content filtering will work alright for my needs, I just need to figure out how to make it easy to set up for the other junior admins who generally end up setting up all the mail accounts.

I had forgotten about the Vista user-protection stuff, I've just switched my desktop to Vista within the last 30 days, that certainly explains what was going on.