Today you can get any number of free mailboxes simply by registering an account with Yandex, Mail.Ru and similar services, so setting up a mail server is not something that concerns many users.

However, there are also times when knowing at least some aspects of this issue will be useful.

When it is needed

There are not many situations in which the average user needs basic knowledge of mail setup. And yet any of them can happen at any time:

  • You decide to switch from browser-based mail to a dedicated client in a separate program. In many respects such clients are preferable: they let you combine the email program with an organizer and a notebook, manage your address book more flexibly and administer messages.
  • An unexpected failure occurred in the email client and all settings were lost. Then you simply have to set up the mail server again. This usually does not take much time or effort, but without it you can be left without mail for quite a long time.
  • Free mailboxes can be deleted by the service's administration without explanation. And, frankly, such a mailbox looks unprofessional in the eyes of business partners, so you will have to create a dedicated one on a server.
  • If your provider offers a separate mailbox, then why not take advantage of this offer.

Setting up a Windows mail server

Basic email parameters, such as DNS, IP data and similar information, are issued directly by the provider.

To start using mail on Windows, you will need to either download a suitable client for this operating system or use one of the built-in clients. First you need to create a new account. As a rule, you are asked to enter its name and to come up with a login and password.

You may need to enable Windows email services through the "Uninstall or Install Programs" panel, in the E-mail Services section of the component installation.

To create a new mailbox, you will need to come up with a username and password.

For SMTP you must specify port number 25, and for the POP3 server, 110. If the provider gives other parameters, enter those instead. If the mail client you are using does not ask for a port number, enter only the address issued by the provider in the “Server for incoming messages” field (this can be either POP3 or IMAP) and in the “Name for the server for outgoing messages” field (usually SMTP only).

Finer tuning of mail on Windows depends largely on which mail application is used, but the operating principle is the same. The differences lie in the GUI options and the menu items.

Switching from free email to a dedicated client

Sometimes you need to stay on the free service but use a separate application as the client. This can be shown using the mail settings for the Yandex service as an example. The mail server settings are then as follows.

1. IMAP settings for incoming messages:

  • mail server address: imap.yandex.ru;
  • SSL should be specified in the security settings for the connection;
  • The port number is 993.

2. Outgoing messages when IMAP is used:

  • specify smtp.yandex.ru as the server address;
  • set SSL in the connection security parameters as well;
  • set the port number to 465.

3. POP3 settings for incoming messages:

  • specify pop.yandex.ru as the server address;
  • SSL is specified in the security parameters for the connection;
  • the port number is 995.

4. Outgoing messages when POP3 is used:

  • smtp.yandex.ru is specified as the mail server address;
  • SSL is again specified in the security parameters for the connection;
  • the port number is set to 465.

For the username, address and password, use the existing address and password of your Yandex mail account.

Setting up the Mail.Ru server

Sometimes you need to find out about the settings of the Mail.Ru mail server. In general, the setup looks exactly the same as described in the case of Yandex mail. But the parameters will look like this:

  • full email address (in the format with the @ sign, for example [email protected]);
  • for the IMAP server, imap.mail.ru is specified;
  • for the SMTP server, specify smtp.mail.ru;
  • the username is the full email address from an existing mail;
  • password is the mail password used;
  • IMAP: number 993 (for SSL/TLS protocols);
  • POP3: number 995 (for SSL/TLS protocols);
  • SMTP: number 465 (for SSL/TLS protocols);
  • enable authentication for the outgoing mail server; as the authentication method choose a simple password, without encryption (in transit the password is protected by the SSL/TLS connection on the ports above).

In general, the settings are exactly the same as in the case of Yandex, only with the mail prefix in the server names. For other free servers the same parameters should be set, with the appropriate prefixes.

As you can see, in general there is nothing complicated in such a matter as setting up a mail server. Even a novice user can cope with this task. But you can be sure that even in the event of a critical failure you will not be left without mail.

The task of setting up your own mail servers using Linux tools, Apache, SQL and the like requires deeper knowledge in the field of information technology.

Mail server (email server) - in an email forwarding system this usually means a message transfer agent (MTA). It is a computer program that transmits messages from one computer to another. The mail server usually works “behind the scenes”, and users deal with another program, the email client (mail user agent, MUA).

Running your own mail server lets you create more flexible policies for sending and receiving mail messages. The options a mail domain hoster gives you for configuring and processing letters are often limited, while ICS filters let you model many different situations, keep records and statistics of transmitted messages, and much more.

When entering the module, the status of all mail and jabber server services is displayed, along with the “Disable” button (or “Enable” if the service is disabled). There is also a widget with a selection of main actions, a graph of mail statistics and mailer feeds, as well as the latest log events.

Settings

The “Settings” tab allows you to define the following mail server parameters:

SMTP/POP3/IMAP port - allows you to change the standard ports for receiving and sending mail messages.

Interfaces for SMTP/POP3/IMAP - allows you to select the server interfaces through which mail messages are received and sent. By default, all interfaces are enabled.

The following fields allow you to set the maximum letter size (in megabytes), the maximum number of letters from one IP address per minute, the interval between sending attempts, as well as the minimum and maximum waiting time in the mail queue.

Default relay. A relay is a node that receives and forwards messages (e-mail); by default the ICS itself plays this role. In some cases, you may need to register another server through which the ICS will send mail (for example, in the case of a multi-drop mailbox configured on the provider's mail server).

Addresses from which forwarding is allowed - this is a list of addresses and domain names from which the ICS will always accept mail, without greylist checks and without checking that forward and reverse records correspond.

Addresses from which forwarding is prohibited - this is a list of addresses and domain names from which the ICS will always reject email messages.

RBL blacklists. RBL, Real-time Blackhole List (also DNSBL: DNS blacklist or DNS blocklist) - lists of hosts stored using the DNS system, typically used to combat spam. The mail server queries the DNSBL for the IP address of the client from which it is receiving a message. If the answer is positive, the message is treated as a spam attempt: the sending server receives a 5xx error (fatal error) and the message is not accepted. In most cases, you do not need to change this list.
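The lookup described above, as an added example (not ICS or Postfix code). The zone names dnsbl.example and broken.example, the sample answers and the reply text are constructed; treating the 127.255.255.0/24 range as an error signal is an assumption that matches how some list operators behave.

```python
"""DNSBL lookup as an MTA performs it. The resolver is injectable so the
example runs offline against constructed data."""
import ipaddress
import socket

LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
RETURN_CODES = ipaddress.ip_network("127.0.0.0/8")
# Assumption: some list operators answer from this range to signal an error
# (for example a refused resolver), not a listing.
ERROR_CODES = ipaddress.ip_network("127.255.255.0/24")


def dnsbl_query_name(client_ip, zone):
    """Reverse the address and append the list's zone, e.g.
    192.0.2.99 -> 99.2.0.192.<zone>; IPv6 is reversed nibble by nibble."""
    ip = ipaddress.ip_address(client_ip)
    if ip.version == 4:
        labels = str(ip).split(".")[::-1]
    else:
        labels = list(ip.exploded.replace(":", ""))[::-1]
    return ".".join(labels) + "." + zone.strip(".")


def system_resolve(name):
    """A-record lookup. None means 'no such name' or a resolver failure;
    this example treats both as 'not listed' so that mail keeps flowing."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None


def classify_answer(answer):
    if answer is None:
        return "not_listed"
    addr = ipaddress.ip_address(answer)
    if addr not in RETURN_CODES:
        return "ignored"      # wildcard or parked zone, not a DNSBL answer
    if addr in ERROR_CODES:
        return "error"        # list unusable; never reject on this
    return "listed"


def check_client(client_ip, zones, resolve=system_resolve):
    """Return (action, smtp_reply) for a connecting client."""
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in LOCAL_NETS):
        return ("accept", "")  # never ask a public list about local hosts
    for zone in zones:
        verdict = classify_answer(resolve(dnsbl_query_name(client_ip, zone)))
        if verdict == "listed":
            return ("reject", f"554 5.7.1 {client_ip} listed in {zone}")
    return ("accept", "")


# Constructed sample data: the fake zone dnsbl.example lists 192.0.2.99, and
# the fake zone broken.example answers every query with an error code.
CONSTRUCTED_ANSWERS = {"99.2.0.192.dnsbl.example": "127.0.0.2"}


def constructed_resolve(name):
    if name.endswith(".broken.example"):
        return "127.255.255.254"
    return CONSTRUCTED_ANSWERS.get(name)


if __name__ == "__main__":
    for ip in ("192.0.2.99", "192.0.2.10", "10.1.2.3"):
        print(ip, check_client(ip, ["broken.example", "dnsbl.example"],
                               constructed_resolve))
```

A list that answers every query with an error code would otherwise reject all incoming mail, which is why the answer is classified before it is acted on.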

Default domain for authorization defines the email domain that will be automatically substituted when the user logs in. If you specify a default domain, users of this domain will be able to log in by mailbox name without specifying a domain.

When creating a mailbox, automatically create folders - contains a list of standard folders created in the mailbox. If necessary, you can change their composition.

Check email with Clamav / Dr.Web / Kaspersky antivirus - setting these checkboxes tells the mail server to scan incoming and outgoing messages for viruses. If the result is positive, the recipient receives a message about the results of the check instead of the letter itself, with the letter attached to that message.

Use greylisting. Greylisting is a method of automatically blocking spam, based on the fact that software intended for sending spam behaves differently from regular email servers. If the recipient's mail server refuses to accept the message and reports a “temporary error,” the sender's server must try again later. Spamming software usually does not do this in such cases. You can enable this mode to strengthen spam checking. After enabling this option, the greylist parameters become available for editing: the time during which resends are ignored (in seconds), the resend waiting time (in hours), and the time the sender is kept in the whitelist (in days).
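How the three greylist parameters interact, as an added example (not ICS code). The class and parameter names, the default values, the reply texts and the sample addresses are constructed; keying on the client's /24 network instead of the exact address is an assumption, a common variation for senders that retry from neighbouring addresses.

```python
"""Greylisting with the three settings listed above. Timestamps are passed in
explicitly so the behaviour can be replayed offline."""
import ipaddress


class Greylist:
    def __init__(self, ignore_resend_s=300, resend_wait_h=24, whitelist_days=30):
        self.ignore_resend = ignore_resend_s        # retries sooner than this do not count
        self.resend_wait = resend_wait_h * 3600     # the retry must arrive within this window
        self.whitelist_ttl = whitelist_days * 86400
        self.pending = {}     # triplet -> time of first attempt
        self.whitelist = {}   # triplet -> expiry time

    @staticmethod
    def _triplet(client_ip, sender, recipient):
        # Assumption: key on the /24 (IPv4) or /64 (IPv6) of the client.
        ip = ipaddress.ip_address(client_ip)
        prefix = 24 if ip.version == 4 else 64
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        return (str(net), sender.lower(), recipient.lower())

    def check(self, client_ip, sender, recipient, now):
        """Return (smtp_code, text) for one delivery attempt at time `now`."""
        key = self._triplet(client_ip, sender, recipient)
        expiry = self.whitelist.get(key)
        if expiry is not None:
            if now < expiry:
                # Known good sender: accept and extend its whitelist entry.
                self.whitelist[key] = now + self.whitelist_ttl
                return (250, "OK")
            del self.whitelist[key]
        first_seen = self.pending.get(key)
        if first_seen is None or now - first_seen > self.resend_wait:
            # First contact, or the retry came too late: start over.
            self.pending[key] = now
            return (451, "4.7.1 Greylisted, try again later")
        if now - first_seen < self.ignore_resend:
            return (451, "4.7.1 Greylisted, retry came too soon")
        # A real MTA retried after a sensible delay: remember and accept.
        del self.pending[key]
        self.whitelist[key] = now + self.whitelist_ttl
        return (250, "OK")


# Constructed sample traffic: (time in seconds, client IP, sender, recipient).
CONSTRUCTED_EVENTS = [
    (0,     "192.0.2.10",    "kozlov@example.com", "ivanov@example.org"),
    (10,    "192.0.2.10",    "kozlov@example.com", "ivanov@example.org"),
    (600,   "192.0.2.10",    "kozlov@example.com", "ivanov@example.org"),
    (700,   "192.0.2.77",    "kozlov@example.com", "ivanov@example.org"),
    (800,   "198.51.100.20", "offer@spam.com",     "ivanov@example.org"),
]


def replay(events, greylist=None):
    """Feed events through a greylist and return the list of SMTP codes."""
    greylist = greylist or Greylist()
    return [greylist.check(ip, s, r, t)[0] for t, ip, s, r in events]


if __name__ == "__main__":
    print(replay(CONSTRUCTED_EVENTS))
```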

Server name for SMTP defines the SMTP Banner Postfix parameter.

Certificate for SMTP/POP3/IMAP - like other ICS services, the mail server can operate either over the standard protocol, in which data is transferred unencrypted (which is unsafe), or over a secure one. SSL certificates are used for this purpose. By clicking on the […] button, you can assign a certificate pre-created in the corresponding module to each protocol.

Use DLP - launches a service for checking email messages using fingerprints of confidential information.

Hard drive for mail storage allows you to move your mail storage to a separate hard drive. By default, mail is stored on the system partition.

Signature for the web interface - enabled in the mail server settings: check the “use signature” checkbox, enter the signature in the window that opens when you click the “edit html” button, and then save the settings.

The signature can be entered in both wysiwyg and html mode.

In the signature you can use variables in the form [variable name], their possible values are listed below:

  • cn - user name
  • ou - group the user belongs to
  • mail - mail address
  • description - "description" field of the user
  • notes - "comment" field of the user
  • telephonenumber - "telephone" field of the user
  • title - "position" field of the user
  • url - "Website" field of the user
  • postaladdress - "Address" field of the user
  • pager - "ICQ" field of the user
  • ounotes - "description" field of the group the user belongs to

To insert images, the image is encoded as a data URL. This is done as follows: using the service http://dataurl.net/#dataurlmaker (or a similar one), the image is converted into a data URL, then the resulting text is inserted into the signature html code.

IMPORTANT: the peculiarity of this mechanism in Roundcube is that the signature will be automatically generated only for a new account created after setting up the signature. After generation, it will also not be possible to change the signature automatically, so carefully plan the automatic signature when creating

Upload logo for Roundcube - this button allows you to select an image that will be located in the upper left corner of the mail web interface. For example, your organization's logo.

The last three checkboxes allow you to enable DKIM signing, check the DKIM of incoming messages, and automatically recode message headers to UTF-8.

Address book

Domains and boxes

Before you can add user mailboxes, you must create a mail domain. Go to the “Domains and Mailboxes” tab and click “Add” → “mail domain”. You can give the domain any non-existent name if letters will be exchanged only within the corporate network, or you can set up message forwarding for a real domain registered to your organization. If the “Create DKIM signature” checkbox is selected in the settings, it will be added automatically.

When you double-click on the created account again, it will open with the already created DKIM key, which can be copied if necessary.

After that, by selecting the created domain, you can add user mailboxes to it. The server will ask you to enter the mailbox name and password and to select the user to whom this mailbox will be assigned. If necessary, you can specify a quota - the maximum space reserved on the ICS hard drive for storing this user's letters. Once this quota is exceeded, no emails will be accepted for the user. By default, there is no quota.

It is not necessary to create a separate mailbox for each mail name you need. Instead, you can create a link to the specified mailbox. Then all the letters coming to the mailbox [email protected] will be redirected to the real mailbox [email protected].

Important: when creating mail domains and mailboxes, the corresponding domains and accounts appear in the jabber server section. The opposite is also true.

In order for the mail domain to be accessible from the external network and be able to exchange data with other external servers, it is necessary to configure DNS records.

After mailboxes for users are created, they can connect to the ICS using email clients (for example, Mozilla Thunderbird or Microsoft Outlook) or use the web interface for mail.

To process sent and received letters, use the “Filters” tab. They process mail based on the following conditions: size, sender, recipient, subject. The condition can be strict or non-strict. The number of conditions can be any, and the filter can process mail both when all conditions are completely matched, and when there is the first match. After the condition is matched, the filter can delete the letter, move it to another mailbox, or make a copy.

In the example above, all letters arriving at one address, the size of which is more than 5000 kB, and the subject of the letter contains the expression “not spam” will be copied to another ICS mailbox.

In order to create a new filter, you first need to select trigger conditions - if all conditions match, any of the conditions, or apply to all messages regardless of the conditions.

You can filter incoming and outgoing letters by subject, sender, recipient and size (in kilobytes). The check for matching a condition can be strict (“matches with”) or non-strict (“contains,” “starts with,” “ends with”), as well as the reverse (“does not contain”). You can assign any number of conditions to one filter.

The last step is to select the action that occurs after the filter is triggered. You can move the letter, copy it to another address, or delete it. The first two actions allow you to enter the name of the mailbox or select it from the list of those created on the ICS.

For an example of how filters can be configured, see.

Mailings are the same filters, but with a simplified interface in which it is enough to indicate the mailboxes to which the mailing will be distributed. The mailbox to which the original letter arrives should not be opened in the system, since it is a link.

Antispam

To manage mail accounts located on other servers, you can use the ICS “mail collector” function. With its help, the ICS connects to the specified mail server under the selected login and password and moves or copies the contained mail to the mailboxes of ICS users.

You can specify what to do with messages on the server - collect all, collect only new ones, leave messages on the server, or delete them. You can also configure the collector's operating interval and the number of downloaded emails per session.

It works in two modes: automatic recipient detection and an explicitly specified collection mailbox. Automatic detection works if the organization has one external mailbox located on the provider’s server and the remaining mailboxes serve as its aliases. In other cases, the collection mailbox is specified directly. That is, in most cases, when creating a collector, you need to set the switch to the “Forward to” position.

The mail collector can also be used in cases where the organization uses the so-called "multi-drop" mail method. It consists in the fact that all mail arrives at the server of the provider or hoster and is stored there without being divided into user mailboxes. In this case, when setting up the mail collector, the “recipient” field does not need to be changed (the default value in it is the recipient’s address). Thus, the collected letters will be automatically distributed depending on the addressee among the mailboxes of ICS users, and if there are no such addressees, they will be stored in the mailbox selected by default.

Mail queue

This tab shows messages that are waiting to be sent, or that for some reason were not sent (for example, rejected by the greylist of an upstream mail server). When you select any object from the list, you can see the error code for which it was not delivered. You can manage the mail queue using the “Clear Queue” and “Send All” buttons. Also, you can try to send each letter individually or remove it from the queue.

Statistics

To control incoming and outgoing mail traffic, as well as spam and unwanted letters, you can use the “Statistics” section.

Just like in user statistics, you can apply various filters in the control panel to general information about ICS mail traffic and display them in the form of a table. The table columns vary depending on the filter applied.

The report generator looks a lot like custom statistics. Basic filters can display information about user traffic, grouping them according to the following criteria:

    by sender domains,

    by recipient domains,

    by mailboxes,

    by hour/day/month,

    details of letters;

Log

The “Log” tab contains a summary of all system messages from the mail server. The log is divided into pages; using the “forward” and “back” buttons you can move from page to page, or enter the page number in the field and switch directly to it.

Log entries are highlighted in color depending on the type of message. Regular system messages are marked in white, errors are marked in red.

There is a search bar in the upper right corner of the module. With its help, you can search the log for the entries you need.

The log always displays events for the current date. To view events on a different day, select the desired date using the calendar in the upper left corner of the module.

Many system administrators experience certain difficulties when working with email systems. This is not surprising; a mail server has a much more complex structure than a file server, router or terminal server. In this article we will look at the structure and operating principle of mail servers, without understanding which setting up an email system can easily turn into shamanic dances with a tambourine.

This material contains quite a lot of simplifications and generalizations in order to give system administrators the required minimum of knowledge. In our opinion, in order to administer one or two entry-level mail servers, it is not at all necessary to become an e-mail specialist.

For most users and novice administrators, a mail server is a kind of “black box” that, having received a letter through “unknown” ways, delivers it to the recipient and vice versa. All interaction with such a server consists of the mail client accessing certain ports, or even through the web interface. However, there is a whole mechanism hidden inside, understanding the operation of which is key to successfully setting up and maintaining an email system. This is especially important for administering servers on the Linux platform. Unlike Windows, where the mail server is a complete software solution and the developers have already taken care of internal interaction, in Linux the components of the mail server are separate programs and you need to configure their interaction yourself.

Let's look at the structure of the mail server, as well as what happens when a user tries to send mail.

The most important part of the mail server is the MTA (Mail Transfer Agent), whose tasks include receiving and transmitting mail. Very often (in Linux/UNIX) the MTA itself is called the mail server. The MTA works over the SMTP protocol, and it alone is, in principle, sufficient to create an email system. Once upon a time this was exactly the case, and accessing your mailbox required certain technical knowledge.

However, progress does not stand still. Upon receiving a letter, the MTA places it in the user's mailbox on the server, which the user must be able to access, preferably in the simplest and most understandable way. This is where the MDA (Mail Delivery Agent) comes into play: its task is to transfer mail from the mailbox on the server to the email client at the client's request. The MDA can operate using the POP3 or IMAP protocols; in some cases, proprietary protocols with advanced functionality, such as MAPI (Exchange Server), can be used to “communicate” between the mail client and the delivery agent.

Contrary to popular belief, the MDA has nothing to do with the mail transfer process. That is the MTA's prerogative. To make an analogy, the MTA can be thought of as a post office that receives and sends mail, and the MDA as a postman who brings mail to your home. If the postman gets sick, this does not affect the work of the post office in any way; you just won’t receive letters at home. The same goes for the MDA: its failure does not make the mail server inoperable. Only receiving mail with the mail client becomes unavailable, while the mail can still easily be accessed in other ways, for example through the web interface.

Let's see what happens when sending mail. In our example, the user Ivanov, located in the example.org domain ([email protected]), writes a letter to Kozlov in the example.com domain ([email protected]). For Ivanov, the process of sending mail consists of creating a message and clicking the "Send" button in the email client. The mail client connects to the MTA via SMTP and first of all provides its credentials. After authorizing the user, the MTA accepts the message and tries to deliver it further.

In fact, authorization is not a mandatory procedure for an MTA, but without authorization we get an open relay, i.e. anyone can use our server to forward mail, and spammers will rejoice! Currently, open relays occur mainly due to server configuration errors. However, it is quite possible for an MTA to accept mail from trusted users without authorization, for example from the enterprise's local network.

For authorization, the MTA can use its own user list, the system list, or LDAP or AD user lists. There is also another way, POP authorization before SMTP: the user authorizes with the MDA before sending mail, and the MDA in turn confirms the user's authentication to the MTA.

In the next step the MTA analyzes the service information of the letter and determines the recipient's domain. If it belongs to the domains served by this MTA, the recipient is looked up and the letter is placed in his mailbox. This is what would have happened if Ivanov had written a letter to Petrov or Sidorov.

If the recipient's domain is not served by this MTA, a DNS query is generated asking for the MX records for that domain. An MX record is a special type of DNS record that contains the names of the mail servers that process incoming mail for a given domain. There can be several MX records; in this case, the MTA tries to establish a connection sequentially, starting with the server with the highest priority. If there is no MX record, the A record (the address record that maps a domain name to an IP address) is queried and an attempt is made to deliver mail to the host specified there. If it is impossible to send a message, it is returned to the sender (placed in the user's mailbox) with an error message.

We will not consider the work of the receiving server; we will assume that everything went fine, Kozlov received the letter from Ivanov and wrote him a response. The server serving the example.com domain performs exactly the same actions and tries to transfer mail to our server. Having received an incoming message, the MTA, as in the case of a local sender, checks the recipient's domain. If it is among those served by the MTA, processing of the message continues; otherwise the server refuses to accept the mail. After the domain, the recipient is checked. If he is present in the list of users, the message is delivered to his mailbox; otherwise two options are possible: refusing the message or accepting it into a general mailbox (the administrator's mailbox). On the one hand, the latter setting increases the amount of spam received; on the other hand, it lets you avoid losing letters with misspelled addresses.

Another anti-spam measure is to request a PTR record. A PTR record (pointer record) associates an IP address with a domain name. By requesting PTR, the MTA only accepts mail if the sender's domain matches the domain of the sending server.

Let's look at the example in more detail. A certain spam server spam.com is trying to send letters with a fake sender, supposedly from the example.com server we know. If filtered by white/black lists, such a letter will be delivered, since the sender is a user from a trusted domain (which is what spammers were counting on). In order to combat spam, the MTA generates a PTR record request for the IP address of the sending server, which it reports during the SMTP session. For the address y.y.y.y, the PTR request will return the spam.com domain name, which does not match the sender’s domain, which will cause the message to be rejected. At the same time, messages from the server x.x.x.x will be received, since the domain from the PTR record for x.x.x.x (example.com) matches the sender's domain.
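The receiving-side decisions described above (relay control, the PTR check, then the recipient lookup), as an added example that is not taken from any MTA. The function names, reply texts, IP addresses and DNS data are constructed; the forward confirmation of the PTR name is an addition beyond the text, included because whoever controls the reverse zone of an address can publish any name in it.

```python
"""Receiving-side policy of an MTA. DNS is injected as two dicts (PTR and A
records) so the example runs offline on constructed data."""
import ipaddress


def domain_of(address):
    return address.rsplit("@", 1)[-1].lower().rstrip(".")


def in_domain(host, domain):
    """True if host is the domain itself or a name under it (label boundary)."""
    host, domain = host.lower().rstrip("."), domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def ptr_matches_sender(client_ip, sender_domain, ptr, a):
    """The PTR name of the client must lie in the sender's domain and must
    resolve back to the client address (forward confirmation)."""
    for name in ptr.get(client_ip, []):
        name = name.lower().rstrip(".")
        if in_domain(name, sender_domain) and client_ip in a.get(name, []):
            return True
    return False


def decide(client_ip, authenticated, mail_from, rcpt_to, cfg, ptr, a):
    """Return (smtp_code, text) for one MAIL FROM / RCPT TO pair."""
    ip = ipaddress.ip_address(client_ip)
    trusted = authenticated or any(ip in net for net in cfg["trusted_nets"])
    if domain_of(rcpt_to) not in cfg["local_domains"]:
        # Mail for someone else's domain is relayed only for trusted senders;
        # accepting it from anyone would make the server an open relay.
        return (250, "relay") if trusted else (554, "5.7.1 Relay access denied")
    if not trusted and not ptr_matches_sender(client_ip, domain_of(mail_from), ptr, a):
        return (550, "5.7.1 Client host does not match sender domain")
    if rcpt_to.lower() in cfg["mailboxes"]:
        return (250, "deliver")
    if cfg.get("catch_all"):
        return (250, "deliver to " + cfg["catch_all"])
    return (550, "5.1.1 No such user")


# Constructed configuration and DNS data (documentation address ranges).
CONSTRUCTED_CFG = {
    "local_domains": {"example.org"},
    "trusted_nets": [ipaddress.ip_network("10.0.0.0/8")],
    "mailboxes": {"ivanov@example.org"},
    "catch_all": None,
}
CONSTRUCTED_PTR = {
    "192.0.2.10": ["mail.example.com"],      # the real example.com server
    "198.51.100.20": ["mx.spam.com"],        # spam server, honest PTR
    "203.0.113.30": ["mail.example.com"],    # PTR claims example.com
}
CONSTRUCTED_A = {
    "mail.example.com": ["192.0.2.10"],
    "mx.spam.com": ["198.51.100.20"],
}

if __name__ == "__main__":
    for ip in CONSTRUCTED_PTR:
        print(ip, decide(ip, False, "kozlov@example.com", "ivanov@example.org",
                         CONSTRUCTED_CFG, CONSTRUCTED_PTR, CONSTRUCTED_A))
```

Exact matching of this kind also turns away domains that send through a provider's outbound servers, whose PTR names belong to the provider.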

So, the message has been received and is in the user's mailbox. How to read it? Mail storage, where user mailboxes are located, can be organized in a variety of ways: from banal folders and files to a database. Without technical knowledge, it is unlikely that you will be able to read your own mail. But should user Ivanov really care about this? For him, the process of receiving mail is reduced to clicking the "Receive" button in the mail client.

To receive mail, the client establishes a connection to the MDA using the POP3 or IMAP protocol, always passing authorization data. MDA checks the presence of the user in the lists and, if the check is successful, transfers to the client all new messages in his mailbox. User Ivanov receives his correspondence and can work with it in a way convenient for him.

This is where our article ends; we strongly recommend reading it thoughtfully and absorbing the material. Later, when considering practical implementations of mail servers, we will present the material on the assumption that the reader knows at least what is covered in this article.

A mail server is a special agent - a program that processes mail requests and transmits messages from one machine to another.

The email server acts as a real post office of the kind we are familiar with, processing bytes like paper messages in envelopes.

To send a letter to a friend, you must write its content, indicate the recipient's email and transfer all the data to the address of your email server. The sending process is automated on a computer or. The sending server makes the necessary calculations and redirects the correspondence to the recipient server, where the letter reaches the lucky friend.



What is mail server protocol

It turns out that for uninterrupted and synchronous functioning, all mail servers in the world follow three main protocols:

Sending mail: SMTP (Simple Mail Transfer Protocol)

A protocol called SMTP is always responsible for sending mail; its first version was described in the standards of 1982. In 2008 it was updated to the ESMTP version with expanded functionality. Classic access port: 25 TCP; if SSL wrapping is used, the port changes to 465 TCP.

A typical example of how the SMTP protocol works is the following sequence of actions:

  • Your email client on your computer establishes a connection with the SMTP server to which the binding is configured
  • The server is only interested in one parameter received from you - the recipient. It makes a request to the DNS service to obtain the delivery IP address
  • After the SMTP server has determined the recipient's location in the address space, an attempt is made to directly connect to the recipient's server on port 25
  • The recipient's SMTP server checks the presence of the client in the database; if there is a match, it transfers the data to its internal POP3 server for placement in the user's mailbox.
  • If there are problems connecting to the recipient's SMTP node, the sending attempt will be repeated several more times at certain intervals. If delivery is refused, you will receive an error message back.
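The sending side in code, as an added example (not from any MTA): it covers the MX lookup with fallback to the A record described earlier on this page and the retry behaviour from the list above. Host names, reply codes and the queue lifetime are constructed; the handling of a "null MX" record and the shuffling of equal-preference hosts go beyond the text and follow the SMTP standards.

```python
"""Outbound delivery: order the MX hosts, fall back to the A record, and
separate temporary failures (retry later) from permanent ones (bounce)."""
import random


def delivery_hosts(domain, mx_records, has_address, rng=random):
    """mx_records is a list of (preference, host). The LOWEST preference
    number is the highest priority; equal preferences are shuffled."""
    if not mx_records:
        # No MX at all: the domain itself is the mail host if it has an A record.
        return [domain] if has_address else []
    if len(mx_records) == 1 and mx_records[0][1].rstrip(".") == "":
        return []   # "null MX" (single record pointing at "."): accepts no mail
    by_pref = {}
    for pref, host in mx_records:
        by_pref.setdefault(pref, []).append(host.rstrip(".").lower())
    ordered = []
    for pref in sorted(by_pref):
        group = by_pref[pref]
        rng.shuffle(group)
        ordered.extend(group)
    return ordered


def attempt(domain, mx_records, has_address, send, queued_for_s, max_queue_s):
    """One pass over the queue entry. send(host) returns an SMTP reply code,
    or None if the connection failed. Returns ("delivered", host),
    ("deferred", reason) or ("bounced", reason)."""
    hosts = delivery_hosts(domain, mx_records, has_address)
    if not hosts:
        return ("bounced", "domain has no mail host")
    for host in hosts:
        code = send(host)
        if code is not None and 200 <= code < 300:
            return ("delivered", host)
        if code is not None and 500 <= code < 600:
            return ("bounced", f"{host} answered {code}")
        # 4xx reply or no connection: temporary, try the next host
    if queued_for_s >= max_queue_s:
        return ("bounced", "queue lifetime exceeded")
    return ("deferred", "all hosts temporarily unavailable")


# Constructed MX set for example.com: the backup has the larger number.
CONSTRUCTED_MX = [(20, "backup.example.com."), (10, "mx1.example.com.")]

if __name__ == "__main__":
    primary_down = lambda host: None if host == "mx1.example.com" else 250
    print(attempt("example.com", CONSTRUCTED_MX, True, primary_down, 0, 432000))
```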

Receiving and storing mail: POP3 (Post Office Protocol 3)

The very first, classic and simple protocol for remote access to a mailbox. It's no secret that e-mail is stored on servers, and what you see on the screen is only its local copy. In 1988, the third, final version of the protocol was created, according to which clients can collect correspondence from servers. By default, after messages are copied to local storage via the POP3 protocol, they are permanently deleted from the server. Standard access port: 110 TCP

Let's consider a template session with a POP3 server:

  • Authorization. The connected client undergoes an authentication procedure using a name and password, which checks that this email address belongs to him
  • Transaction. There is an exchange of data about the current state of the mailbox, acceptance of letters and work with correspondence
  • Update. The server deletes read messages from its storage and closes the session.

Advanced work with mail: IMAP (Internet Message Access Protocol)

A more complex, comprehensive and modern protocol for working with a remote mail server. It appeared in 1986 and grew significantly in its latest revision of 2003. The main difference from POP3 is that work is carried out without downloading all the content: you work directly on the server and edit the information there. The disadvantage of the protocol is the inability to work with mail if the Internet connection is lost. Some experts believe that IMAP would have become a monopolist among mail protocols if not for its mediocre implementation of the function of sending letters. Main connection port: 143 TCP, or 993 TCP when connecting via an encrypted SSL channel.

An IMAP server can be in four states:

  • No authentication. The server waits for the user's login and password to be sent
  • Authenticated. A mailbox is selected for further work.
  • Selection state. After selecting a mailbox, work with letters in it begins.
  • Exit. Closing a connection due to error or client request

Own mail server

For the average user, the mail services of Google, Yandex and so on are enough. It is much harder for administrators of portals and companies, who need to install mail forwarding software. No company wants to receive orders from customers under someone else's domain name, which means it is time to create your own mail node. There are several options here.

Ready solutions

Yandex and MAIL.ru provide free mail provider services for your domain. This means that you receive mail at the address [email protected], exactly as if you had created your own mail server manually. The company, however, takes care of processing the correspondence and provides a convenient web interface and separate addresses for employees.

Another advantage is that the server addresses of corporate mail servers are always trusted by clients, which means there is much less chance of ending up in spam.

Manual self-configuration

This is a difficult path. Setting up such a server yourself takes a long time, and it will be easier, if not cheaper, to contact a specialized company.

For Windows Server, Microsoft Exchange Server is considered the classic choice. It is fully integrated into the Windows environment, compatible with all protocols, fast and easy to configure.

There are several full-fledged solutions for Linux, but experts have recently noted the Postfix server as the most secure and convenient option. Plug-in spam filters, mail skip control and database support are integral parts of Postfix.

Let's start with what I mean by medium-sized business. I don’t know the exact classification and I haven’t looked or checked anywhere. It intuitively seems to me that this is from 10-15 users to 200-300. I will consider the segment up to 100 users, since I work exclusively in this niche almost all the time. The problems and needs of larger companies are not reliably known to me. Although I’m not sure that anything will be fundamentally different from 100 people, I think the approaches will be the same, only the hardware will be more powerful. The problems of load distribution and clustering will most likely not arise here yet.

We have a small company of several dozen people. We need a mail server. Although technology has long since moved on and offers many different means of communication, e-mail still firmly holds its position and is not going to give it up yet. At the same time, such a small team places no great demands on the mail server. Most often, it is enough for the mail to simply work, without any special functional frills. Either an email client and the IMAP protocol, or a web interface will be sufficient. It's good if it's possible to set up an auto-reply, shared folders and a single address book, but you can live without them.

Among all the possible options for a mail service, I identify 3 fundamentally different approaches to implementing the necessary functionality:

  1. Services based on free email services from Google, Yandex or Mail.ru.
  2. Your own mail server based on free software.
  3. Exchange server from Microsoft.

Let's look at each of them in more detail.

Free mail from Google, Yandex and Mail.ru

I'll make a couple of comments right away. I'm not sure that you can still register free corporate email with Google. Everyone who registered earlier uses it for free, and for new users there are only paid subscriptions. But this is not important and does not directly relate to the topic of the article. If Google has become completely paid for business, then we'll simply exclude it from our list. Yandex and Mail.ru are still definitely free. I myself have administered email domains in Google Apps and Yandex. I haven't worked with biz.mail.ru, I just know that something similar is implemented there. For some reason I have disliked the company itself since the old days. Although they now seem to have turned to face their users, Amigo is still alive and well, so they have not completely turned around yet.

Let's look at the advantages of these mail services.

  1. The most important advantage is that full-fledged mail is ready immediately after registration. There are no costs for purchasing hardware and setting it up. A more or less advanced user who can connect a domain and create mailboxes by following the instructions on the site is enough. After that you can already use the mail.
  2. Users are easy to administer and manage; the web service provides all the necessary tools for this. They are convenient and (though not always) intuitive.
  3. Convenient and familiar web interface. Everything works quickly, from any place where there is Internet and a browser. There is a good mobile application.
  4. Wide functionality, ready immediately after creating the box. Various filters, mail collectors, good antispam (from Google) and much more.

That seems to be everything; I don't think I missed anything. It would seem that the advantages are obvious and significant. But before drawing conclusions, let's consider the disadvantages.

  1. You do not manage this mail. It doesn't belong to you and is not on your servers. You don't know what is happening to it. If you have very sensitive and private correspondence, then suspicions and doubts arise about using popular email services. This may sound like paranoia, but this is a real concern for users and business owners and should not be discounted.
  2. You are not immune from system failures and cannot prevent them in any way. And failures, although not often, do occur. Since the services are free, no one will guarantee you anything. And if some force majeure happens and the data is lost, they will simply say sorry to you. If you yourself do not have a very reliable IT infrastructure, the chance of technical problems on your own server will probably be higher. But you can control this and, in theory, build a system with a level of reliability that satisfies you.
  3. The methods for backing up and restoring mailboxes in such services are not obvious. There are situations when all letters are deleted from the mailbox. Let's say you can save them in various ways, simply by downloading them, but how can you return them to the mailbox while keeping all the original dates?
  4. There is no way to analyze unclear situations. For example, you send a letter, but it does not reach the recipient. What to do? In the case of cloud mail, you cannot do anything, since you have no tools to analyze the situation. You can only try sending the letter from another mailbox. Sometimes a letter doesn't arrive to you, and you just can't understand why it's not there. The cause may simply be an incorrectly configured filter. This is a common situation when there are a lot of filters, especially if some forwarding is also configured. Without access to server logs, it can be difficult to understand the situation. But if there is a mail server log, it immediately becomes clear why the letter was not sent, or what happened to it after it was received. You can know for sure whether the remote server received your letter or not.
  5. There are no simple ways to restrict access to mailboxes, for example to allow it only from the office local network. Public service mailboxes are always accessible via the Internet. It is possible to solve this problem in Google Apps through authorization in third-party services. I have not seen a way to implement such functionality in Yandex or Mail.ru.
  6. We also need to understand that free cheese is found you know where. It is not entirely clear how email services use the information received from users. It would be fine if it were only to show them relevant advertising. I think it is not only for that.

When I first started working about 10 years ago, there was no question about what email to use in the organization. Everyone set up their own mail servers and administered them. At that time, free email services did not provide any email management tools for businesses. When such tools began to appear, I thought that soon no one would need their own mail servers, since they would no longer make sense. And all my torment (I don't like working with them) with mail servers would become meaningless.

I was given the opportunity to administer domains based on public email services. After this, the above list of minuses appeared. And for me personally, these disadvantages outweighed the advantages, and now I still configure mail servers myself. Ultimately, it is more convenient and reliable when the pros and cons of use and administration are considered together.

The biggest disadvantage I see is the lack of full-fledged mail logs and a good backup scheme. It is inconvenient to analyze problems without logs. It is not possible to quickly and easily restore a deleted email to its original location, although this is a simple matter for open source mail servers.

Mail server based on free software

Let's look at the advantages and disadvantages of your own mail server based on free software. In principle, this includes some paid ones, for example Kerio Mail Server, which is also often used. I think it can be included here, since it provides similar functionality. I consider all mail servers collectively, without singling out individual representatives. Although in Linux, besides postfix and exim, I personally have not seen anything in production. I always use postfix myself, because I’m used to it and know it well. Let's take a closer look at the advantages of such servers.

  1. You are in complete control of all information that arrives by mail and is stored on your server. You can limit access to mail at your discretion using various technical means. You can centrally set up rules for deleting, for example, private information in letters, based on various criteria that you can set yourself.
  2. The level of availability of the mail service depends only on you. With the right approach, you can provide a level of system reliability that suits you.
  3. Flexible backup system. There are plenty of resources for organizing it, including free ones. It all depends on your needs, skills and capabilities. You can store various sections by date, by box, domain, or organize any suitable scheme.
  4. Virtually unlimited functionality. Within reasonable limits, of course :) You can create mailboxes with only local correspondence, you can centrally manage the reception and sending of mail, and maintain your own white and black lists. You can set up various restrictions on mailboxes and domains. You can easily centrally manage duplication of mail for the required mailboxes, make all kinds of forwarding and much more.
  5. All server monitoring tools are in your hands. You can deal with any unclear situation, having the mail server logs in hand. This service is well logged. I almost never had problems when it was not clear where the letter went missing. Most often, traces are found and one can definitely say what happened to the letter.

Now the disadvantages:

  1. You need to buy or rent equipment to organize your own mail server. In the case of a Linux server, the performance requirements will not be great. A virtual machine with 4 cores and 4 GB of RAM is usually enough for me. The disk subsystem is much more important. Here, the faster the disks, the better. Don't forget about backup. It also requires hardware resources.
  2. Setting up a full-fledged, multifunctional mail server requires at least average knowledge of Linux system administration. That is, a run-of-the-mill admin will not do here. You need a specialist with experience, and he must have a decent salary. If such an admin is not on staff, I recommend hiring someone for one-time setup work. Most often, after setup, no special work is required to support the server if you do not change the functionality. It's enough to keep an eye on free disk space and manage mailboxes via the web panel.
  3. Ease of use via the web interface will be lower than in the free mail services. Whatever one may say, Gmail is implemented very conveniently. Quick search, filters, sorting, labels, etc. It's really convenient. I'm very used to it and can't use anything else.

These are the disadvantages of running your own mail service as I see them. The most important one for me is the last one. I myself am used to working with mail via the web. I don't like using mail clients, although I have to. The web interfaces of free mail servers are far from comparable to Gmail or Yandex in convenience and speed; it makes no sense to compare. And yet, I believe that for the average organization this is the best option. An example of setting up such a free mail server is .
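The log tracing described in the advantages above (finding out what happened to a letter and whether the remote server accepted it), as an added example that is not from the original article. It assumes Postfix's standard syslog format with short hexadecimal queue IDs; the `trace` helper and every sample log line (hosts, addresses, queue IDs) are constructed for illustration.

```python
import re

# Constructed Postfix syslog lines; hosts, addresses and queue IDs are made up.
SAMPLE_LOG = """\
Mar  4 10:15:01 mail postfix/qmgr[1050]: 3F2A41C0D5: from=<ivan@example.com>, size=2048, nrcpt=1 (queue active)
Mar  4 10:15:03 mail postfix/smtp[2106]: 3F2A41C0D5: to=<partner@example.org>, relay=mx.example.org[198.51.100.7]:25, delay=1.9, delays=0.1/0/0.8/1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9B1C2D3E4F)
Mar  4 10:15:03 mail postfix/qmgr[1050]: 3F2A41C0D5: removed
Mar  4 10:20:11 mail postfix/qmgr[1050]: 7A9B22E1F0: from=<olga@example.com>, size=1500, nrcpt=1 (queue active)
Mar  4 10:20:12 mail postfix/smtp[2110]: 7A9B22E1F0: to=<nobody@example.net>, relay=mx.example.net[203.0.113.9]:25, delay=0.9, delays=0.1/0/0.4/0.4, dsn=5.1.1, status=bounced (host mx.example.net[203.0.113.9] said: 550 5.1.1 User unknown (in reply to RCPT TO command))
Mar  4 10:31:40 mail postfix/qmgr[1050]: 5C0D13A7B2: from=<ivan@example.com>, size=900, nrcpt=1 (queue active)
Mar  4 10:32:10 mail postfix/smtp[2112]: 5C0D13A7B2: to=<sales@example.info>, relay=none, delay=30, delays=0.1/0/30/0, dsn=4.4.1, status=deferred (connect to mx.example.info[203.0.113.20]:25: Connection timed out)
"""

# "<daemon>[pid]: <queue id>: <rest>"; assumes short (hex) queue IDs, so
# "warning:" and "NOQUEUE:" lines are skipped.
LINE = re.compile(r"postfix/[\w-]+\[\d+\]: (?P<qid>[0-9A-F]{6,}): (?P<rest>.*)$")
SENDER = re.compile(r"^from=<(?P<sender>[^>]*)>")
DELIVERY = re.compile(
    r"^to=<(?P<rcpt>[^>]*)>,.*?relay=(?P<relay>[^,]+),.*?"
    r"dsn=(?P<dsn>[\d.]+), status=(?P<status>\w+) \((?P<detail>.*)\)$")


def trace(log_text, recipient):
    """Return every delivery attempt to `recipient`, joined to its sender by queue ID."""
    senders, attempts = {}, []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        qid, rest = m["qid"], m["rest"]
        if s := SENDER.match(rest):
            senders[qid] = s["sender"]
        elif d := DELIVERY.match(rest):
            if d["rcpt"].lower() == recipient.lower():
                attempts.append({"qid": qid, **d.groupdict()})
    for a in attempts:
        a["sender"] = senders.get(a["qid"], "?")
        # status=sent means the relay named in the line accepted the message.
        a["handed_off"] = a["status"] == "sent"
    return attempts


if __name__ == "__main__":
    for rcpt in ("partner@example.org", "nobody@example.net", "sales@example.info"):
        for a in trace(SAMPLE_LOG, rcpt):
            print(a["qid"], a["sender"], "->", a["rcpt"], a["status"], a["dsn"], a["detail"])
```

The `detail` field carries the remote server's own reply, so a bounce shows the exact rejection text and a deferral shows the connection error.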

Pros and cons of Microsoft Exchange Server

I don't have much experience administering Exchange. I tested it a long time ago when I was deciding which mail servers I would work with. I installed it and studied the functionality. Then I set up a mail server for an organization once. They wanted Exchange. There were no problems, I quickly set it up using numerous guides on the Internet. The entry threshold for those setting up an Exchange mail server is very low. Even an entry-level admin can handle the basic functionality.

For medium-sized organizations, I think shared calendars are a really useful and difficult-to-replace functionality. And of course, the convenience of integration with AD, if available. And most often there is AD, since I can’t imagine administering a network for more than 20-30 people without Active Directory. I think that there is no point in saving here and you need to buy Microsoft Server.

Let's now look at the pros and cons of Microsoft Exchange Server. I warn you again just in case: I'm only giving you my view. I have little experience working with the server, so I would welcome feedback on it in the comments in order to have a more adequate assessment of this system. Pros of Exchange:

  1. Great functionality with relative ease of setup. Any administrator can deploy a server with basic functionality. Moreover, this basic functionality may be greater than that of any Linux build.
  2. Active Directory Integration. You create a new user account and the mailbox is immediately ready for him. No special settings are needed if the user has Microsoft Outlook. A connection to the server is configured in a few clicks of the mouse.
  3. Convenient administration tools in the form of ready-made Windows Server snap-ins. Everything here is traditional for solutions from Microsoft.

The disadvantages of Exchange Server are as typical as the advantages for most products from Microsoft:

  1. Price, price and price again. Microsoft Exchange Server is expensive. You need to count and figure out whether purchasing it will be justified. To use all the built-in functionality, you will need to buy, for each workplace, an edition of Microsoft Office with Outlook included. These are additional costs.
  2. Good performance requires significantly more powerful hardware than Linux servers do. And to support large mailboxes, for example 50 gigabytes, you will need very powerful hardware, although such mailboxes pose no special problems for, say, Dovecot. In Exchange you will most likely use quotas to limit the maximum mailbox size.
  3. For backup, you will most likely have to purchase decently powerful hardware and paid software. Here I'm just guessing, I really don't know what is needed for a convenient Exchange backup. I know paid software from popular vendors. Perhaps there is something free.

My conclusion about Exchange Server is that it is good in almost everything except the price. If it were free, I would most likely use it. For quite objective reasons, this is impossible. Good and convenient software does not appear on its own. You need to create it, and spend money on it, which you want to return with a profit.

Today, given the cost of Microsoft Exchange Server and Microsoft Office, I do not use these Microsoft products. Few people are willing to shell out the required amount for a mail server. I would like to take a closer look at Exchange in real conditions for at least 60-80 people in order to evaluate this server more objectively. But so far such an opportunity has not presented itself.

Conclusion

Let me summarize my thoughts about a mail server for a small to medium-sized organization. Although the conclusion, I think, is already clear. I myself prefer the second option I described - a mail server based on free software on Linux. But I wouldn't discount the other two options. Free public mail services will definitely be convenient for a very small team - 10-15 people. It makes no sense to set up your own server for that number of people.

I would recommend using Exchange Server if you have it and don't mind spending money on purchasing it. The product is definitely convenient, functional and easy to set up and administer. When I say easy, you need to understand that this is relative. Configurations can be very complex, but in this case I am considering the entry level.
