E-mail has long been considered the "killer app" of the Internet. Some 12 trillion e-mail messages are estimated to be sent around the globe every year — and that figure alone grows by the day.
The overall e-mail server market continues to grow and is roughly split between Unix-like installations and Windows-based platforms. Within the realm of Unix-like operating systems such as Linux, Solaris, and BSD, the venerable sendmail continues to rule the roost. Newer rivals exim and postfix occupy much of the remaining territory. All three are highly flexible, open-ended mail servers which, with sufficient administrator know-how, can be extended to handle an extraordinary variety of e-mail management needs. The dominant Unix mail servers are typically free software although, given their relatively high learning curves, they do incur an ongoing cost of operation.
A wider variety of mail servers populate the Windows landscape. While Microsoft Exchange stands atop the pack, a long list of alternatives including ArGoSoft Mail Server Pro, Avirt MailServer, CommuniGate Pro, Eudora WorldMail Server, FTGate Pro, Kerio Mail Server, Lotus Domino, MDaemon, and Merak Mail Server remain viable players. Along with a wide variety of e-mail server choices on Windows comes an equally wide variation in licensing fees, ranging from hundreds to thousands to tens of thousands of dollars. Roughly speaking, the top-tier prices correlate with servers designed for extremely demanding and massive scale environments.
Along with the massive surge in e-mail usage around the globe, an even more astounding and troublesome trend continues to emerge. A rapidly increasing percentage of e-mail messages are unsolicited — and sometimes malicious, from conventional spam to virus-laden carriers to so-called phishing scams. In early 2003, the oft-cited estimate of e-mail considered spam was approximately 40 percent; by early 2004 this figure had jumped to 60 percent. At the start of 2005, some sources estimate spam comprises as much as 70 percent to 80 percent of global e-mail traffic.
In early 2003, the oft-cited estimate of e-mail considered spam was approximately 40 percent; by early 2004 this figure had jumped to 60 percent. At the start of 2005, some sources estimate spam comprises as much as 70 percent to 80 percent of global e-mail traffic.
The burden of spam and viruses on enterprises is significant — as much as $40 billion in support and infrastructure costs just to deal with the problem. Consequently, "Security has been the key focus of corporations," said Teney Takahashi, an analyst for The Radicati Group, a market research company in the e-mail and messaging space.
Not surprisingly, anti-spam and anti-virus features have been the most common upgrades to mail server packages in the past year. A strong anti-spam feature set will offer several defenses, which work in combination to trap the majority of incoming spam.
The current Bayesian filters are much more sophisticated than previously popular content filters. Bayesain filters analyze patterns in messages rather than looking only at specific words, and they learn as spam content itself evolves. Blacklist support is an effective way to block e-mail from known spam sources — particularly dictionary-based spam attacks, which can flood a server with thousands of messages per minute. Whitelists can be useful, particularly with mailing list messages, but should be relied on cautiously. Because many spam- and virus-spawned message spoof their "From" addresses from local users' address books, they can evade whitelists.
Support for DNS Blacklists, such as Spamcop and ORDB, can provide the server with real-time information on spam sources that gets automatically updated as spammers migrate among servers. Attachment Filters can restrict the kinds of attachments allowed through the server, potentially reducing exposure to virus infections on local machines. And support for the Sender Policy Framework (SPF), while still maturing, can help verify the authenticity of a message's origins and weed out messages with forged headers, a common practice behind many malicious messages.
When it comes to anti-virus support, most mail servers turn the nitty gritty work over to third-party engines. Typically, a separate license is needed for anti-virus defense as an ongoing cost for access to continually updated virus definitions. There are exceptions, such as 602 Software's 602LAN SUITE, which includes a fully integrated and self-updated anti-virus feature. But more often you will find, and should minimally expect, support for third-party anti-virus scanners. With an integrated scanner, the mail server can flag, disinfect, or quarantine messages with attached viruses — potentially saving a lot of headaches and support costs down the road.