Discussion:
How many people to admin a Cyrus system?
(too old to reply)
Gary Mills
2007-11-08 22:50:59 UTC
Permalink
We have a moderate-sized Cyrus system for 30,000 students and 3000
employees. It's a critical service in the sense that thousands of
people depend on it. It has excellent performance, lots of capacity,
and plans for expansion. I'm the only one familiar enough with Cyrus
and sendmail to maintain it, although this is not normally full time.
I'm also the one who tracks down hard problems in Unix and does
development in a number of other areas. Other than our data
management person, who supplies the LUNs for the e-mail store, I'm the
one who manages the system.

I'm also going to be 65 in two days, although I plan to stay around
for a year or so. My director will be replacing me, but I assume this
will be with an entry-level person who will not have the ability to
maintain the Cyrus system, at least initially. Other people in my
group do not have the skills or the available time to administer this
system. I'm trying to convince him to hire somebody with development
and programming experience, but without much success so far. How many
and what sort of people does it take to maintain a system such as
this? I need a good argument for hiring a replacement for me.

My director seems interested in outsourcing our e-mail system, judging
by the number of articles on outsourcing that he sends to me. Google
and Zimbra with a commercial contractor are the latest two. Replacing
a perfectly functioning e-mail system seems ludicrous to me, as does
subjecting our users to a migration for no reason. I assume at least
that he wants vendors to quote on a replacement system. Perhaps once
he sees the cost, he will change his mind. I suppose it depends on
whether the quote includes the real cost. Does anyone here have
experience in this area? I know that CMU and other universities want
to maintain their own e-mail systems. What's the justification in
these cases?
--
-Gary Mills- -Unix Support- -U of M Academic Computing and Networking-
Blake Hudson
2007-11-08 23:05:39 UTC
Permalink
Post by Gary Mills
We have a moderate-sized Cyrus system for 30,000 students and 3000
employees. ... I know that CMU and other universities want
to maintain their own e-mail systems. What's the justification in
these cases?
Gary Mills
2007-11-09 14:45:38 UTC
Permalink
Post by Gary Mills
We have a moderate-sized Cyrus system for 30,000 students and 3000
employees. ... I know that CMU and other universities want
to maintain their own e-mail systems. What's the justification in
these cases?
Scott M. Likens
2007-11-10 02:04:39 UTC
Permalink
Thanks everyone for your responses. I don't want to clutter up this
technical mailing list with more management issues, although I'd
certainly be pleased to receive personal e-mail on this topic.
There appear to be two types of outsourcing. The Google example was
one where all of the e-mail resided on an external site. In addition
to the issues mentioned above, there is authentication and
backup/restore to consider. For all of those reasons, I don't think
that this type will be suitable here.
The Zimbra example, however, was one where a contractor was hired to
install a new e-mail system at the university, and to do the migration
and management. This one I could see happening here, so that people
with programming and development skills would no longer need to be
kept on staff. That seems like a bizarre idea to me. It's
essentially outsourcing the employees. Since there are no problems
whatsoever with the existing Cyrus system, I suppose that contracting
with a company to maintain and manage it might be better than just
abandoning it.
I know I sent out an email earlier I don't know if it got anywhere...
but I thought I would finish what I was saying, as I had written it out
to explain it better.

It is certainly OT, and for that you can hate me.

Background, the company that this was deployed at was a rather small
company. We had MAYBE 100 employee(s). Simultaneous connections?
roughly 50 to 60. We would max normally at 20 Messages/Minute Incoming,
and a good amount of that was spam. Depending on the time of day, it
would go up and down, but I would say the daily average was around 7-8
Messages/minute.

I will begin with the Pro(s) and Con(s) of Zimbra.

Pros,
1. Calendar and Contact and Mail Solution rolled into 1 package
2. Webmail loads pretty fast over EVDO
3. It has this wonderful Outlook plugin to make it look like MAPI to
Outlook (or is that a Con?)

Cons,
1. Commercial Support that sucks... During the day you get someone in
the US that may fix your problem, but not tell you what they did to fix
it, or anything. Additionally at night you get India, and my only
experience with that was hearing 'My internet is down'...
2. Lack of Code Review... why else would bugs like DROP if exists
(http://bugzilla.zimbra.com/show_bug.cgi?id=16879)
As well as (http://bugzilla.zimbra.com/show_bug.cgi?id=21117)
3. Can't handle high load very well, in fact it handles load horribly.
4. It uses Java/JSP and Tomcat... (Hateful I know)
5. It uses Postfix. I guess using Postfix is better then having to
write SMTP Support in Java.
6. Multiple MySQL Instances... couldn't that be rolled into 1?
7. It would flag users that sent email using SMTP Authentication as spam
(amavis-new would check against the rbls and determine that it was spam
because it came from a Dialup/Broadband IP). (which is extremely
stupid, so the only obvious choice was to whitelist the user(s) that had
this problem)

Note those are just examples, from my experience there are a number of
things that just don't work right to begin with.

1) Upgrading, is a pain. It follows the mentality of Redhat, and
whatnot. To upgrade you have to shut down Zimbra (duh) and then remove
all the old rpm's, and then install the new rpm's (or debs in my case).
Depending on the speed of your server it might take 5 minutes or 30.

2) Handles heavy load horribly. In my case, we had a Super Micro Server
with Dual Xeon (P4) 2.2(2.4?)Gigahertz processors. 2 Gigabytes of Ram,
and was doing a sub-fancy Software RAID-5 setup with about 700gb U160
SCSI disk(s) that were either 10 or 15k rpm. (I Forget) Using an XFS
Formatted Filesystem (I wasn't daring enough to try ReiserFS on this),
and DRBD+Heartbeat. (not my idea) However it wasn't the end of the
world. The server was more then several years old. But it should have
no problem handling 350-400messages/minute. That's not really a large
amount of email is it?

3) ClamAV. Do note how much email I said we dealt with a minute. We
didn't get a great deal of email. Maybe 2000 email a day? Not overly
much. However as the ClamAV database would grow, if you restarted
ClamAV or Zimbra eventually it would take too long for ClamAV to start
and would not listen on the port assigned and would make mail fail to
deliver. (Ouch huh?)

4) If it shuts down uncleanly which it did in my case, (first call to
support). I got someone in the US, they logged in via a broadband IP.
(PTR did not even get close to zimbra.com) Took them maybe 60-90
Minutes to find out that there was a lockfile that did not get erased,
which is why Tomcat was not starting the LMTP Service. Great,
fantastic, what was that file? I never knew. History for that user did
not show.

5) Calling at Midnight... _I_ Made an amatuer mistake trying to upgrade
some switches and caused some mass breakage, and a flood of mail was
coming in (over 700/minute) and pop! ClamAV crashed. Amazing, and my
boss found a mention on the Zimbra.com forums to raise the timeout in
some perl script. He raised it, and it started working. However, I
called support, I got India. Their Internet was up and down (or so he
said) and couldn't stay logged in long enough to fix it. Thank god we
fixed it huh?

I eventually upgraded ClamAV following these instructions
http://wiki.zimbra.com/index.php?title=Updating_CLAMAV_from_version_lower_than_0.90.0
It worked, and I had gone for over 2 weeks without an issue, until...

6) Tomcat decided to stop on it's own... Memory Exhausted. Geeze, don't
I ever get a break? The server was never into swap.. so I just
restarted tomcat and it was flying again.

Now I freely admit things were done on this system that did not make it
optimal, it was not a brand new server using Hardware Raid. I did not
really spend a month reviewing Zimbra's code in detail to find out how
bad it really would be. I Installed it and got it running on Ubuntu
without too much of a problem, and then proceeded to imapsync over all
the mail after I added the accounts.

I admit it was a fairly easy migration, I hated the fact that 95% of our
users were pop3, so the UIDL would not match what they had, so we had to
make a folder and move all their email to another folder. Which sadly
is migration pain, there's no real way around that with the exception of
sha1.

Another pain point for us was, we had bought Blackberr(y|ies), and we
wanted to have our Calendar, Contacts and everything pushed to the
Blackberry in a sane and easy way. We checked out NotifyLink, it was a
bit overpriced, and they had no Linux Solution. We had 0 Windows
Servers, and had no desire to have any. I understand now they have a
BES Solution that integrates the BES Server into Zimbra. (or I saw bugs
pertaining to it).

Now I am certain that Zimbra will work for some people just perfectly.
I was not one of them, perhaps it's because I want too much control? I
don't really know. I did certainly question if they had gotten
anyone(s) permission to modify and use their programs in Zimbra.
Because I know certainly it's easy to whip together a bunch of F/OSS
Software to do exactly the same thing as Zimbra, without the
fluff/hassle. Just think OpenLDAP for Contacts, and then an iCal or
CalDAV Server. There's many out there that are pretty easy to setup
including Apple's CalDAV Server. So right there you just gave the
functionality of Zimbra with just about anything without their 3rd party
crap. Truthfully do you need those ugly 3rd party things? Nope.

With Outlook you can configure an LDAP Directory Server, and it's not
impossible to make Outlook use an iCal server. So in the end, I would
have done things much differently the first mistake is to Lease Zimbra.
(You don't ever buy it, as you have to pay them yearly). Which is why
they are alive, and Scalix is dying.

Zimbra does have some challengers, such as Oracle Collaboration Suite
(http://www.oracle.com/collabsuite/index.html) Oracle Collaboration
Suite, and Postpath (http://www.postpath.com) so quite frankly there is
alternatives.

Truthfully as I have looked at some of the stories in here (UCDavis,
Fastmail.fm) and their success and size alone. It makes me sad about
Zimbra, and I do hope that they can turn it around. But I just feel
they are out of touch with what their users want and need.
Rudy Gevaert
2007-11-13 07:24:47 UTC
Permalink
If we could ever get a decent calendar system that works together with
Cyrus or other software many people would be happy.

Rudy
--
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Rudy Gevaert ***@UGent.be tel:+32 9 264 4734
Directie ICT, afd. Infrastructuur ICT Department, Infrastructure office
Groep Systemen Systems group
Universiteit Gent Ghent University
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Scott M. Likens
2007-11-13 08:12:43 UTC
Permalink
Have you ever looked at some of the CalDAV Servers out there?

I'll save you some time,

http://trac.macosforge.org/projects/calendarserver

http://rscds.sourceforge.net/

As well as,

http://sourceforge.net/projects/modcaldav/

Truthfully, you don't need Cyrus to support a Calendar. Because in all
honesty, it's unrelated to mail. If you use Kerberos, LDAP, AD, MySQL
for Authentication. Take a look at one of those, tie in that
authentication and you're done. Then depending on which one you choose,
you can have users share their calendars or not.

... There is enough F/OSS out there to emulate everything you can get
with Exchange, and/or any other 'Enterprise' Mail System. No it's not
as seamless as Exchange, but it works just fine and it's an open
standard. You'll find lots more CalDav Servers, and software in the
next 6months to a year.

Scott
Post by Rudy Gevaert
If we could ever get a decent calendar system that works together with
Cyrus or other software many people would be happy.
Rudy
Ian G Batten
2007-11-13 09:54:36 UTC
Permalink
Post by Scott M. Likens
No it's not
as seamless as Exchange, but it works just fine and it's an open
standard.
However, people don't want calendaring, they want Outlook. Offer a
solution which doesn't allow Outlook to work ``like it should'' and
you risk learning more about Exchange than you wanted to. I guess
Outlook might start to talk CalDAV, but I personally doubt it: it
would undercut Microsoft's Exchange business which is very lucrative
for them. OCS has an Outlook plugin I suspect for this very reason:
it avoids management refusing to accept a solution which doesn't do
what they see as the right thing: the rest of us use the OCS Linux/
Solaris/Windows/OSX native clients or the web front end, all of which
work very nicely.

Your management won't regard CalDAV as a standard, they think Outlook
is a standard. And ``not as seamless'' is a key admission.

ian
Joseph Brennan
2007-11-13 14:10:08 UTC
Permalink
Post by Ian G Batten
However, people don't want calendaring, they want Outlook.
This describes exactly the point of view of administrative staff. They
live in Microsoft Office, and they need a server to support it. That is
the assignment given.

I was looking at Open-Xchange on the web <http://www.open-xchange.com/>.
The server provides webmail and MAPI interfaces. The "Hosting Edition"
(and maybe the others, it is not clear) can talk to Cyrus and includes
ACL support.

(We're still running both Exchange for admin staff and Cyrus for the
much larger university community of faculty and students.)

Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology
David Chait
2007-11-13 15:05:11 UTC
Permalink
One key piece of functionality that seems to be missing from every OSS
solution mentioned thus far is mobile device push support (Activesync),
this is not to be underestimated as it is for us, a key reason why we
are ultimately being forced to adopt Exchange en-mass and abandon our
current Cyrus infrastructure.

-David
Post by Joseph Brennan
Post by Ian G Batten
However, people don't want calendaring, they want Outlook.
This describes exactly the point of view of administrative staff. They
live in Microsoft Office, and they need a server to support it. That is
the assignment given.
I was looking at Open-Xchange on the web <http://www.open-xchange.com/>.
The server provides webmail and MAPI interfaces. The "Hosting Edition"
(and maybe the others, it is not clear) can talk to Cyrus and includes
ACL support.
(We're still running both Exchange for admin staff and Cyrus for the
much larger university community of faculty and students.)
Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Darin Perusich
2007-11-13 15:55:15 UTC
Permalink
Have you looked at Funambol for your OSS push email?
Post by David Chait
One key piece of functionality that seems to be missing from every OSS
solution mentioned thus far is mobile device push support (Activesync),
this is not to be underestimated as it is for us, a key reason why we
are ultimately being forced to adopt Exchange en-mass and abandon our
current Cyrus infrastructure.
-David
Post by Joseph Brennan
Post by Ian G Batten
However, people don't want calendaring, they want Outlook.
This describes exactly the point of view of administrative staff. They
live in Microsoft Office, and they need a server to support it. That is
the assignment given.
I was looking at Open-Xchange on the web <http://www.open-xchange.com/>.
The server provides webmail and MAPI interfaces. The "Hosting Edition"
(and maybe the others, it is not clear) can talk to Cyrus and includes
ACL support.
(We're still running both Exchange for admin staff and Cyrus for the
much larger university community of faculty and students.)
Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
--
Darin Perusich
Unix Systems Administrator
Cognigen Corporation
395 Youngs Rd.
Williamsville, NY 14221
Phone: 716-633-3463
Email: ***@cognigencorp.com
David Chait
2007-11-13 17:19:26 UTC
Permalink
Post by Darin Perusich
Have you looked at Funambol for your OSS push email?
No I hadn't heard of it, but thanks for bringing it to my attention, I
will give it a shot.

Cheers,
David
Adam Tauno Williams
2007-11-13 16:00:02 UTC
Permalink
Post by David Chait
One key piece of functionality that seems to be missing from every OSS
solution mentioned thus far is mobile device push support (Activesync),
this is not to be underestimated as it is for us, a key reason why we
are ultimately being forced to adopt Exchange en-mass and abandon our
current Cyrus infrastructure.
You haven't tried Funambol? It supports over-the-air mobile devices
quite well. You can sync IMAP natively, and they have a push
infrastructure. You can sync with various groupware server's using
plugins. For instance the GroupDAV plugin works for OpenGroupware,
Citadel, or USA.NET

Funambol:
http://www.funambol.com/opensource/

GroupDAV plugin:
http://bionicmessage.net/?q=node/18
http://bionicmessage.net/files/GroupWare_doc5.pdf
Joseph Brennan
2007-11-13 15:58:59 UTC
Permalink
Post by David Chait
One key piece of functionality that seems to be missing from every OSS
solution mentioned thus far is mobile device push support (Activesync),
this is not to be underestimated as it is for us, a key reason why we are
ultimately being forced to adopt Exchange en-mass and abandon our current
Cyrus infrastructure.
-
Right. This is a necessity for us too, if we are to integrate the
Exchange and Cyrus systems. One of the interesting things about
Open-Xchange is support for push via SyncML. There is a list of PDAs
that it works with.

The devices we support now need the intermediaries of either GoodLink
or BES attached to Exchange, and if I understand it right (I might not),
they use a MAPI connection to find out when there is new mail. If so
it appears they would work also with systems like Open-Xchange that
offer MAPI connections.

Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology
Ian G Batten
2007-11-14 13:25:51 UTC
Permalink
Post by David Chait
One key piece of functionality that seems to be missing from every OSS
solution mentioned thus far is mobile device push support
(Activesync),
this is not to be underestimated as it is for us, a key reason why we
are ultimately being forced to adopt Exchange en-mass and abandon our
current Cyrus infrastructure.
There's purported to be a solution from Concilliant. http://
www.consilient.com/media/2005/c2-for-cyrus.html

ian
Zachariah Mully
2007-11-14 15:01:43 UTC
Permalink
Post by Ian G Batten
Post by David Chait
One key piece of functionality that seems to be missing from every OSS
solution mentioned thus far is mobile device push support
(Activesync),
this is not to be underestimated as it is for us, a key reason why we
are ultimately being forced to adopt Exchange en-mass and abandon our
current Cyrus infrastructure.
There's purported to be a solution from Concilliant. http://
www.consilient.com/media/2005/c2-for-cyrus.html
ian
Be forewarned, last I had checked on this the licensing costs were a bit
onerous IMO. The software was basically a repackaged BES with their
custom client software.

Z
--
Zachariah Mully
Director, Systems and Networks
SmartBrief, Inc.
***@smartbrief.com
p: 202-737-5500 x226
c: 202-422-8780
f: 202-737-7577
Rob Banz
2007-11-14 18:51:55 UTC
Permalink
Post by Zachariah Mully
Post by Ian G Batten
Post by David Chait
One key piece of functionality that seems to be missing from every OSS
solution mentioned thus far is mobile device push support
(Activesync),
this is not to be underestimated as it is for us, a key reason why we
are ultimately being forced to adopt Exchange en-mass and abandon our
current Cyrus infrastructure.
There's purported to be a solution from Concilliant. http://
www.consilient.com/media/2005/c2-for-cyrus.html
ian
Be forewarned, last I had checked on this the licensing costs were a bit
onerous IMO. The software was basically a repackaged BES with their
custom client software.
After trying consilient, and becoming very frustrated with it, we went
with a vendor called NotifyLink for our wireless devices. Their
product worked well with our crackberrys & palms, integrating with
Cyrus and Oracle Calendar.

-rob
Scott M. Likens
2007-11-14 21:20:31 UTC
Permalink
I looked into using NotifyLink with Zimbra. The cost was a bit heavy,
and the only option for us would have been them hosting it. (We did
not/would not have any Windows Servers/Desktops to run the software).

However luckily my Manager refused to run any software that did not
offer a 'linux solution'. To quote his exact words "No Linux, No
sale."... I spoke to someone who had been using NotifyLink with Cyrus
for a bit later on, and he said it was initially bumpy but eventually it
more or less worked better then the Blackberry Internet Service client.

... afterwards I never heard from NotifyLink again. I imagine their
software was just not that portable.

Scott
Post by Rob Banz
After trying consilient, and becoming very frustrated with it, we went
with a vendor called NotifyLink for our wireless devices. Their
product worked well with our crackberrys & palms, integrating with
Cyrus and Oracle Calendar.
-rob
Rob Banz
2007-11-14 21:26:29 UTC
Permalink
Post by Scott M. Likens
I looked into using NotifyLink with Zimbra. The cost was a bit
heavy, and the only option for us would have been them hosting it.
(We did not/would not have any Windows Servers/Desktops to run the
software).
We're using their hosted solution, which has the added benefit of them
doing the end-user support for *insert stupid device here.* Your
support folks tell you its worth every cent, if they've ever had to
support every idiot and their idiot device.
Post by Scott M. Likens
However luckily my Manager refused to run any software that did not
offer a 'linux solution'. To quote his exact words "No Linux, No
sale."...
That's a rather bad attitude to have. ;) Then again, I'm of the
attitude where I go "what, you don't support Solaris? ONLY Linux!?
Ok, what about your windows solution again..."

-rob
Sebastian Hagedorn
2007-11-13 15:27:54 UTC
Permalink
Post by Joseph Brennan
Post by Ian G Batten
However, people don't want calendaring, they want Outlook.
This describes exactly the point of view of administrative staff.
Fortunately that's not true of everyone.
Post by Joseph Brennan
They
live in Microsoft Office, and they need a server to support it. That is
the assignment given.
If they don't yet have Exchange there's still hope ;-)
Post by Joseph Brennan
I was looking at Open-Xchange on the web <http://www.open-xchange.com/>.
The server provides webmail and MAPI interfaces. The "Hosting Edition"
(and maybe the others, it is not clear) can talk to Cyrus and includes
ACL support.
(We're still running both Exchange for admin staff and Cyrus for the
much larger university community of faculty and students.)
OK, to wean them off Exchange is probably impossible, but for new users
Open-Xchange is (one) possibility. It so happens that they (OX) were here
today because we (Cologne University) are considering the "Hosting
Edition". The beauty of it is that it works as a pretty seamless add-on to
our existing Cyrus infrastructure. We are now waiting for an offer.
--
.:.Sebastian Hagedorn - RZKR-R1 (GebÀude 52), Zimmer 18.:.
Zentrum fÌr angewandte Informatik - UniversitÀtsweiter Service RRZK
.:.UniversitÀt zu Köln / Cologne University - ✆ +49-221-478-5587.:.
.:.:.:.Skype: shagedorn.:.:.:.
Zachariah Mully
2007-11-13 16:25:20 UTC
Permalink
Post by Joseph Brennan
Post by Ian G Batten
However, people don't want calendaring, they want Outlook.
This describes exactly the point of view of administrative staff. They
live in Microsoft Office, and they need a server to support it. That is
the assignment given.
I was looking at Open-Xchange on the web <http://www.open-xchange.com/>.
The server provides webmail and MAPI interfaces. The "Hosting Edition"
(and maybe the others, it is not clear) can talk to Cyrus and includes
ACL support.
(We're still running both Exchange for admin staff and Cyrus for the
much larger university community of faculty and students.)
Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology
Perhaps things have improved since my last foray into this area, but
I've yet to find an "outlook connector" that was stable and didn't
corrupt the hell out of the users PST. And at least with the Kolab
groupware product when I reviewed it, they made several architecture
decisions that completely killed performance and then they went on to
trivialize my concerns. Storing calendar objects as binary attachments
in an IMAP store, effectively making them unsearchable, meant that every
calendar access had to pull the entire store down, process it and
display it. Not cool.

Z
--
Zachariah Mully
Director, Systems and Networks
SmartBrief, Inc.
***@smartbrief.com
p: 202-737-5500 x226
c: 202-422-8780
f: 202-737-7577
Zachariah Mully
2007-11-13 17:40:20 UTC
Permalink
I don't know of ANY Kolab compatible client that would do that. Which
client are you referring to?
Cheers,
Gunnar
This was quite some time ago, around the first release of their 2.x
product IIRC. It was the outlook connector that would save all calendar
entries from outlook to the IMAP server as binary messages, whereas the
Horde web front end saved the entries in xml, so Cyrus was at least able
to search them. So if you tried to access through Horde a calendar from
an Outlook user, it was basically inoperable, as the webclient had to
download the entire calendar mailbox, parse the binaries, sort them,
then display them. Useless for anything more than a hundred entries or
so...
--
Zachariah Mully
Director, Systems and Networks
SmartBrief, Inc.
***@smartbrief.com
p: 202-737-5500 x226
c: 202-422-8780
f: 202-737-7577
Joon Radley
2007-11-14 04:20:07 UTC
Permalink
Hi,
Post by Zachariah Mully
This was quite some time ago, around the first release of their 2.x
product IIRC. It was the outlook connector that would save all calendar
entries from outlook to the IMAP server as binary messages, whereas the
Horde web front end saved the entries in xml, so Cyrus was at least able
to search them. So if you tried to access through Horde a calendar from
an Outlook user, it was basically inoperable, as the webclient had to
download the entire calendar mailbox, parse the binaries, sort them,
then display them. Useless for anything more than a hundred entries or
so...
< SELF PROMOTION ON >

All the Outlook plug-ins for Kolab now support the Kolab-XML format. KDE
Kontact already supports Kolab-XML and Horde will support the format in
Kolab 2.2 (coming soon TM - points finger at Gunnar). So you will have a
choice of 3 commercial Outlook plug-ins, one very reasonably priced, and
native Linux and a web clients.

We also have a migration tool from MS Exchange to Kolab, mail and groupware
objects like calendars, contacts, tasks, etc., still in beta.

< SELF PROMOTION OFF >

Kolab might just be worth another look. http://www.kolab.org/

Best Regards

Joon Radley
Radley Network Technologies CC
Cell: +27 (0)83 368 8557
Fax: +27 (0)12 998 4346
E-mail: ***@radleys.co.za
Web: www.toltec.co.za
Rob Mueller
2007-11-14 06:49:10 UTC
Permalink
So you will have a choice of 3 commercial Outlook plug-ins,
What are the 3 commercial Outlook plugins? Obviously the Toltec one, but
which others?

I've actually always liked the idea of what toltec + bynari were doing. It's
basically using the IMAP server as a database where folders = tables, emails
= records. The nice things about using an IMAP server is that:
1) you're reusing a protocol, rather than creating another one
2) emails can't be altered, so an update is a delete + add which makes
detecting changes easy
3) the server is always authoriative, so syncing tends to be easier

Of course reusing an email protocol to do these other things it was never
meant to do seems hacky as well. Still, is it really any more hacky than
using a blatant file protocol (despite calling files "resources" and
directories "collections") than CalDAV?

As an FYI, last time I tried Bynari and Toltec, my general conclusions were:

Bynari - Annoying they use a binary format for storing the information, but
good that they use the 0-9 ACLs to designate what folders are
calendar/contacts/etc folders, means you don't need the damn ANNOTATEMORE
extension and the patches to make it work with arbitrary values. Seemed a
bit "flaky". It creates some process that runs next to Outlook, and
sometimes that process wouldn't quit when you quit Outlook leaving things in
an odd state. Install/removing the software seemed to be prone to
failures/screwing up your config.

Toltec - Seemed less prone to bugginess than bynari, and using an XML format
seemed more open so we could read it ourselves for other features in the
future. Using ANNOTATEMORE was a pain. There was a showstopper problem
however. When I tested it seemed that Toltec would display all sub-folders
of INBOX, and using annotations it would set the Calendar, Contacts, etc
folders as appropriate to display those items, and all other folders to
display emails, but it would not show the INBOX! At the time I asked support
about this it was suggested that you should setup a POP account to download
the emails from the inbox to the "Local Folders" PST file. This seemed to
completely defeat the purpose of IMAP to me. Has that been fixed?

Also out of interest, how much caching does toltec do? Basically it seems to
me to get any decent performance you effectively have to download all the
calendar/task/etc items from the appropriate folders and cache them all
inside outlook. Any attempt to get from the server on a "when needed" basis
seems like it would never perform well?

Rob
Joon Radley
2007-11-14 11:26:22 UTC
Permalink
Hi Rob,
Post by Rob Mueller
What are the 3 commercial Outlook plugins? Obviously the Toltec one,
but which others?
Toltec, Konsec and Bynari(Kolab support in beta AFIAK)
Post by Rob Mueller
There was a showstopper problem however. When I tested it seemed that
Toltec would display all sub- folders of INBOX, and using annotations
it would set the Calendar, Contacts, etc folders as appropriate to display
those items, and all other folders to display emails, but it would not
show the INBOX! At the time I asked support about this it was suggested
that you should setup a POP account to download the emails from the inbox
to the "Local Folders" PST file. This seemed to
completely defeat the purpose of IMAP to me. Has that been fixed?
Not a bug, but a feature :) Outlook makes a clear distinction between
storage and transport. In IMAP this gets a bit blurred as the INBOX is also
the mechanism for receiving new mail. Using the POP3 moves the mail from the
IMAP4 INBOX to the Outlook Inbox. This is handled by both Kontact and Horde.
Post by Rob Mueller
Also out of interest, how much caching does toltec do? Basically it
seems to me to get any decent performance you effectively have to
download all the calendar/task/etc items from the appropriate folders
and cache them all inside outlook. Any attempt to get from the server
on a "when needed" basis seems like it would never perform well?
But once the initial synchronization is done, it just updates that are done.
There is no real model for skipping the initial synchronization.

Best Regards

Joon Radley
Radley Network Technologies CC
Cell: +27 (0)83 368 8557
Fax: +27 (0)12 998 4346
E-mail: ***@radleys.co.za
Web: www.toltec.co.za
Rob Mueller
2007-11-14 11:50:42 UTC
Permalink
Post by Joon Radley
Not a bug, but a feature :) Outlook makes a clear distinction between
storage and transport. In IMAP this gets a bit blurred as the INBOX is also
the mechanism for receiving new mail. Using the POP3 moves the mail from the
IMAP4 INBOX to the Outlook Inbox. This is handled by both Kontact and Horde.
I admit I still don't get this at all, but that's because I admit I don't
understand Outlook well.
Joon Radley
2007-11-14 12:39:12 UTC
Permalink
Hi Rob,
In Toltec, it almost works the same way, every other folder does
exactly this, except you can't see the INBOX. I just don't understand
why the INBOX has to be special if the standard Outlook IMAP integration
works without it being?
Outlook processes new messages to support their own calendar, task, voting
and custom request. You will lose all this Outlook functionality if you
imported the messages directly from the IMAP4 folder and did not use the
transport mechanism.

There are ways of doing this ourselves, but it is a very risky business as
everything is undocumented and can change with almost every version and
service pack.
Does it poll/monitor folders regularly to see if there's been any
updates from another client on the server, or does it only do it
when you start Outlook
Number of options are available: On Outlook start-up, on folder selection,
automatic download based on set intervals and manually.

Best Regards

Joon Radley
Radley Network Technologies CC
Cell: +27 (0)83 368 8557
Fax: +27 (0)12 998 4346
E-mail: ***@radleys.co.za
Web: www.toltec.co.za
Ian Eiloart
2007-11-15 11:28:06 UTC
Permalink
Post by Joon Radley
In IMAP this gets a bit blurred as the INBOX is also
the mechanism for receiving new mail.
No, an INBOX is simply a mailbox. It's a place that you can deliver email
to, and read email from. With the right delivery agent, it's possible to
deliver email to any mailbox, so there's nothing particularly special about
the INBOX except that it's the default mailbox.

It would be a bit stupid to deliver email to a place that you can't read
it, or vice versa.
Post by Joon Radley
Using the POP3 moves the mail from the
IMAP4 INBOX to the Outlook Inbox.
So, now we have to say "In POP3 this gets a bit blurred as the Outlook
inbox is also a mechanism for receiving new mail". Heck, wherever you read
the email, it got delivered there by some means.
--
Ian Eiloart
IT Services, University of Sussex
x3148
Joon Radley
2007-11-15 12:05:43 UTC
Permalink
Hi Ian,
Post by Ian Eiloart
Post by Joon Radley
In IMAP this gets a bit blurred as the INBOX is also
the mechanism for receiving new mail.
No, an INBOX is simply a mailbox. It's a place that you can deliver email
to, and read email from. With the right delivery agent, it's possible to
deliver email to any mailbox, so there's nothing particularly special
about the INBOX except that it's the default mailbox.
Yes it is a mailbox and there for part of the mail store. It is also part of
the transport mechanism, when the mail is received. So it has a dual
functionality.

I define transport of mail as both the sending and receiving of mail.
Post by Ian Eiloart
So, now we have to say "In POP3 this gets a bit blurred as the Outlook
inbox is also a mechanism for receiving new mail". Heck, wherever you
read the email, it got delivered there by some means.
Yes, but crucially the mail passes through the new mail mechanism of Outlook
before being delivered.

Best Regards

Joon Radley
Radley Network Technologies CC
Cell: +27 (0)83 368 8557
Fax: +27 (0)12 998 4346
E-mail: ***@radleys.co.za
Web: www.toltec.co.za
Ian Eiloart
2007-11-15 13:03:38 UTC
Permalink
Post by Joon Radley
Hi Ian,
Post by Ian Eiloart
Post by Joon Radley
In IMAP this gets a bit blurred as the INBOX is also
the mechanism for receiving new mail.
No, an INBOX is simply a mailbox. It's a place that you can deliver email
to, and read email from. With the right delivery agent, it's possible to
deliver email to any mailbox, so there's nothing particularly special
about the INBOX except that it's the default mailbox.
Yes it is a mailbox and there for part of the mail store. It is also part
of the transport mechanism, when the mail is received. So it has a dual
functionality.
I define transport of mail as both the sending and receiving of mail.
Ok, that's a reasonable way to define the terms. Indeed, if the mechanism
didn't have a place the email to go, then the transport could not take
place.

What I don't understand is that you seem to think that there's a
possibility that email could be stored in some place that it can't be
transported to. Where would that be?
--
Ian Eiloart
IT Services, University of Sussex
x3148
Joon Radley
2007-11-15 13:50:53 UTC
Permalink
Hi Ian,
Post by Ian Eiloart
What I don't understand is that you seem to think that there's a
possibility that email could be stored in some place that it can't be
transported to. Where would that be?
Please read the mails before this one. This discussion is about what Outlook
needs in order to process special messages. When new mail is received and
before the messages gets injected into the message store it need to be
processed. That is why you get a clear distinction between transport and
storage. Where in IMAP the message is injected directly into the storage.

Best Regards

Joon Radley
Radley Network Technologies CC
Cell: +27 (0)83 368 8557
Fax: +27 (0)12 998 4346
E-mail: ***@radleys.co.za
Web: www.toltec.co.za
Olaf Fraczyk
2007-11-15 14:55:32 UTC
Permalink
Post by Joon Radley
Hi Ian,
Post by Ian Eiloart
What I don't understand is that you seem to think that there's a
possibility that email could be stored in some place that it can't be
transported to. Where would that be?
Please read the mails before this one. This discussion is about what Outlook
needs in order to process special messages. When new mail is received and
before the messages gets injected into the message store it need to be
processed. That is why you get a clear distinction between transport and
storage. Where in IMAP the message is injected directly into the storage.
Thats an interesting information. I have always thought that in
Exchange-Outlook world the processing was on the server side and the
messages were sitting on the server.
Or the client side processing is limited to Toltec/Bynari solution?

Regards,

Olaf
--
Olaf Frączyk <***@navi.pl>
NAVI
http://www.navi.pl
http://www.ntp.navi.pl
Ian Eiloart
2007-11-15 16:26:51 UTC
Permalink
Post by Joon Radley
Hi Ian,
Post by Ian Eiloart
What I don't understand is that you seem to think that there's a
possibility that email could be stored in some place that it can't be
transported to. Where would that be?
Please read the mails before this one.
I did.
Post by Joon Radley
This discussion is about what
Outlook needs in order to process special messages. When new mail is
received and before the messages gets injected into the message store it
need to be processed. That is why you get a clear distinction between
transport and storage. Where in IMAP the message is injected directly
into the storage.
Now that's certainly not true.

IMAP is a protocol for reading messages from mail stores. It has nothing to
do with delivery of messages to the mail store.

You're confusing IMAP with mail stores, which may or may not actively
participate in delivery.

For example, we used to use University of Washington IMAP server with the
Exim MTA. Exim handled message delivery - simply putting emails into
mailboxes. UoW IMAP simply served to provide access to those mailboxes,
including listing, searching, transferring between mailboxes and reading
message headers and bodies. OK, so the mail server did do one thing that
impacted on delivery - file locking to prevent delivery processes from
conflicting with IMAP mailbox activity.

Cyrus Mailstore does handle final delivery, but there's plenty of
opportunity to handle messages before that point. For example, we now use
Exim and Cyrus Mailstore, and we have plenty of processing going on in Exim
before hand off to Cyrus (with LMTP) including spamassassin, clamav and
Exim filters. There are also processes between the two, for example Mailman.
--
Ian Eiloart
IT Services, University of Sussex
x3148
Joon Radley
2007-11-15 20:15:32 UTC
Permalink
Hi Ian,
Post by Ian Eiloart
Cyrus Mailstore does handle final delivery, but there's plenty of
opportunity to handle messages before that point. For example, we now
use Exim and Cyrus Mailstore, and we have plenty of processing going on in
Exim before hand off to Cyrus (with LMTP) including spamassassin, clamav
and
Post by Ian Eiloart
Exim filters. There are also processes between the two, for example Mailman.
Very true, but it does not do the processing needed by Outlook. It cannot
convert iTip and winmail.dat attachments to the related message objects and
do the linking in the Outlook message store. This is where you need the
transport mechanism of Outlook.

Best Regards

Joon Radley
Radley Network Technologies CC
Cell: +27 (0)83 368 8557
Fax: +27 (0)12 998 4346
E-mail: ***@radleys.co.za
Web: www.toltec.co.za
Ian Eiloart
2007-11-16 12:24:09 UTC
Permalink
Post by Joon Radley
Hi Ian,
Post by Ian Eiloart
Cyrus Mailstore does handle final delivery, but there's plenty of
opportunity to handle messages before that point. For example, we now
use Exim and Cyrus Mailstore, and we have plenty of processing going on
in Exim before hand off to Cyrus (with LMTP) including spamassassin,
clamav
and
Post by Ian Eiloart
Exim filters. There are also processes between the two, for example Mailman.
Very true, but it does not do the processing needed by Outlook. It cannot
convert iTip and winmail.dat attachments to the related message objects
and do the linking in the Outlook message store. This is where you need
the transport mechanism of Outlook.
So, the problem has nothing to do with IMAP, and everything to do with
message handling before delivery to the mailbox.
--
Ian Eiloart
IT Services, University of Sussex
x3148
Rob Mueller
2007-11-17 09:17:53 UTC
Permalink
Post by Ian Eiloart
So, the problem has nothing to do with IMAP, and everything to do with
message handling before delivery to the mailbox.
If I've assimilated everything right, I think the summary of the problem is:

Outlook handles some email messages specially (the example Joon has used is
iTIP emails). To actually process these special emails, they have to pass
through the Outlook "transport" mechanism. An email appearing in an IMAP
folder is not processed by the Outlook transport mechansim. However an email
POPed from a POP server to a local folder is. There's no api way to just
"invoke" the Outlook transport system on an email, it's a black box thing
that just happens on certain transports.

So just mapping the INBOX to display will result in these special emails
never being "processed". However POPing them will.

I do have a hacky workaround suggestion which might work.

1. Display all folders including INBOX
2. Setup a "dummy" POP account that points to the same cyrus server
3. Make sure the "leave on server" option is set
4. Setup a filter rule in Outlook to just delete all the POPed email

Then emails arriving in the IMAP inbox will appear as normal, but they'll
also be POPed regularly and processed by the Outlook transport mechansim.
Unfortunately this solution wont currently work because (1) is impossible in
Toltec at the moment.

Rob
Bob Bob
2007-11-17 13:03:01 UTC
Permalink
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#3333ff">
<font size="-1">Hi Rob and all<br>
<br>
I have been considering doing this in my environment.

Alain Spineux
2007-11-15 17:09:29 UTC
Permalink
Post by Olaf Fraczyk
Post by Joon Radley
Hi Ian,
Post by Ian Eiloart
What I don't understand is that you seem to think that there's a
possibility that email could be stored in some place that it can't be
transported to. Where would that be?
Please read the mails before this one. This discussion is about what Outlook
needs in order to process special messages. When new mail is received and
before the messages gets injected into the message store it need to be
processed. That is why you get a clear distinction between transport and
storage. Where in IMAP the message is injected directly into the storage.
Thats an interesting information. I have always thought that in
Exchange-Outlook world the processing was on the server side and the
messages were sitting on the server.
This let you install your favorit outlook plugins for : rules
filtering, spam filtering, anti virus filtering ....
Post by Olaf Fraczyk
Or the client side processing is limited to Toltec/Bynari solution?
Regards,
Olaf
--
NAVI
http://www.navi.pl
http://www.ntp.navi.pl
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
--
Alain Spineux
aspineux gmail com
May the sources
Joon Radley
2007-11-15 20:10:31 UTC
Permalink
Hi Olaf,
Post by Olaf Fraczyk
Thats an interesting information. I have always thought that in
Exchange-Outlook world the processing was on the server side and the
messages were sitting on the server.
Or the client side processing is limited to Toltec/Bynari solution?
With Exchange-Outlook the Outlook message store receives on the server. When new mail is delivered to the exchange server it does the special processing before injecting it into the mail store. With the IMAP4 server and SMTP of your choice, the mail must be downloaded to be processes before it can be stored in the Outlook message store.

Best Regards

Joon Radley
Radley Network Technologies CC
Cell: +27 (0)83 368 8557
Fax: +27 (0)12 998 4346
E-mail: ***@radleys.co.za
Web: www.toltec.co.za
Olaf Fraczyk
2007-11-16 09:10:09 UTC
Permalink
Post by Joon Radley
Hi Olaf,
Post by Olaf Fraczyk
Thats an interesting information. I have always thought that in
Exchange-Outlook world the processing was on the server side and the
messages were sitting on the server.
Or the client side processing is limited to Toltec/Bynari solution?
With Exchange-Outlook the Outlook message store receives on the server. When new mail is delivered to the exchange server it does the special processing before injecting it into the mail store. With the IMAP4 server and SMTP of your choice, the mail must be downloaded to be processes before it can be stored in the Outlook message store.
OK. Now everything is clear.
Didn't have the Bynari some server-side solution in the past?
I remember (though not have used) a product called Bynari Server or sth.

Regards,

Olaf
--
Olaf Frączyk <***@navi.pl>
NAVI
http://www.navi.pl
http://www.ntp.navi.pl
Gunnar Wrobel
2007-11-13 17:27:41 UTC
Permalink
Post by Zachariah Mully
Post by Joseph Brennan
Post by Ian G Batten
However, people don't want calendaring, they want Outlook.
This describes exactly the point of view of administrative staff. They
live in Microsoft Office, and they need a server to support it. That is
the assignment given.
I was looking at Open-Xchange on the web <http://www.open-xchange.com/>.
The server provides webmail and MAPI interfaces. The "Hosting Edition"
(and maybe the others, it is not clear) can talk to Cyrus and includes
ACL support.
(We're still running both Exchange for admin staff and Cyrus for the
much larger university community of faculty and students.)
Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology
Perhaps things have improved since my last foray into this area, but
I've yet to find an "outlook connector" that was stable and didn't
corrupt the hell out of the users PST. And at least with the Kolab
groupware product when I reviewed it, they made several architecture
decisions that completely killed performance and then they went on to
trivialize my concerns. Storing calendar objects as binary attachments
in an IMAP store, effectively making them unsearchable, meant that every
calendar access had to pull the entire store down, process it and
display it. Not cool.
I don't know of ANY Kolab compatible client that would do that. Which
client are you referring to?

Cheers,

Gunnar
Post by Zachariah Mully
Z
--
Zachariah Mully
Director, Systems and Networks
SmartBrief, Inc.
p: 202-737-5500 x226
c: 202-422-8780
f: 202-737-7577
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Adam Tauno Williams
2007-11-13 19:29:26 UTC
Permalink
Post by Zachariah Mully
Post by Joseph Brennan
This describes exactly the point of view of administrative staff. They
live in Microsoft Office, and they need a server to support it. That is
the assignment given.
I was looking at Open-Xchange on the web <http://www.open-xchange.com/>.
The server provides webmail and MAPI interfaces. The "Hosting Edition"
(and maybe the others, it is not clear) can talk to Cyrus and includes
ACL support.
(We're still running both Exchange for admin staff and Cyrus for the
much larger university community of faculty and students.)
Perhaps things have improved since my last foray into this area, but
I've yet to find an "outlook connector" that was stable and didn't
corrupt the hell out of the users PST. And at least with the Kolab
Never had a corrupt PST using ZideLook (the Outlook plugin for
OpenGroupware). Make sue they provide a *real* MAPI provider for
outlook and not some background sync thingy (as several Open Source
Outlook connectors do or at least did).
Post by Zachariah Mully
groupware product when I reviewed it, they made several architecture
decisions that completely killed performance and then they went on to
trivialize my concerns. Storing calendar objects as binary attachments
in an IMAP store, effectively making them unsearchable, meant that every
calendar access had to pull the entire store down, process it and
display it. Not cool.
Yep, the Kolab architecture goes in the "what are you, nuts?" column.
Zachariah Mully
2007-11-13 21:29:07 UTC
Permalink
Post by Adam Tauno Williams
Never had a corrupt PST using ZideLook (the Outlook plugin for
OpenGroupware). Make sue they provide a *real* MAPI provider for
outlook and not some background sync thingy (as several Open Source
Outlook connectors do or at least did).
I'll have to give OGo a shot again, when I tested it, their connector
was still alpha-alpha quality. Any other data on your OGo install
(number of users, clients, etc.) that you'd be willing to part with?
I've been lucky to avoid the hellhole of exchange, but we've started
hiring more people from larger companies who can't understand why we
don't have it. Then I ask them how often they lost email or didn't have
email, they usually tell me "frequently" or "several times, for over a
week", and I get to tell them that in 7 years we've only had one
unplanned email outage during business hours which I think lasted an
hour... And that was when I bolloxed something ;)
Post by Adam Tauno Williams
Yep, the Kolab architecture goes in the "what are you, nuts?" column.
Good to hear someone else thought so as well...

Z
--
Zachariah Mully
Director, Systems and Networks
SmartBrief, Inc.
***@smartbrief.com
p: 202-737-5500 x226
c: 202-422-8780
f: 202-737-7577
Adam Tauno Williams
2007-11-13 21:54:22 UTC
Permalink
Post by Zachariah Mully
Post by Adam Tauno Williams
Never had a corrupt PST using ZideLook (the Outlook plugin for
OpenGroupware). Make sue they provide a *real* MAPI provider for
outlook and not some background sync thingy (as several Open Source
Outlook connectors do or at least did).
I'll have to give OGo a shot again, when I tested it, their connector
was still alpha-alpha quality. Any other data on your OGo install
About ~250 users through various means, only a handful of Outlook
users. If you download the InstantOGo ISO it comes with a demo license
(I believe) so you can easily just install & test it in VMware, etc...
http://www.instantogo.com/download/index.html

Also WMOGAG (Whitemice Consulting OpenGroupware Adminstrator's Guide)
might be handy, otherwise documentation other than for ZideLook is
pretty sparse.
http://docs.opengroupware.org/Members/whitemice/wmogag/file_view
Post by Zachariah Mully
(number of users, clients, etc.) that you'd be willing to part with?
I've been lucky to avoid the hellhole of exchange, but we've started
hiring more people from larger companies who can't understand why we
don't have it. Then I ask them how often they lost email or didn't have
email, they usually tell me "frequently" or "several times, for over a
week", and I get to tell them that in 7 years we've only had one
unplanned email outage during business hours which I think lasted an
hour... And that was when I bolloxed something ;)
Post by Adam Tauno Williams
Yep, the Kolab architecture goes in the "what are you, nuts?" column.
Good to hear someone else thought so as well...
Rudy Gevaert
2007-11-13 08:36:55 UTC
Permalink
Post by Scott M. Likens
Have you ever looked at some of the CalDAV Servers out there?
I'll save you some time,
http://trac.macosforge.org/projects/calendarserver
http://rscds.sourceforge.net/
As well as,
http://sourceforge.net/projects/modcaldav/
Truthfully, you don't need Cyrus to support a Calendar. Because in all
honesty, it's unrelated to mail. If you use Kerberos, LDAP, AD, MySQL
for Authentication. Take a look at one of those, tie in that
authentication and you're done. Then depending on which one you choose,
you can have users share their calendars or not.
... There is enough F/OSS out there to emulate everything you can get
with Exchange, and/or any other 'Enterprise' Mail System. No it's not
as seamless as Exchange, but it works just fine and it's an open
standard. You'll find lots more CalDav Servers, and software in the
next 6months to a year.
Well I'm impressed, I didn't know it would already be possible. I'll
keep an eye on those projects. When I have some time I'll give them a
closer look!

Are you running any calendar server?

Rudy
--
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Rudy Gevaert ***@UGent.be tel:+32 9 264 4734
Directie ICT, afd. Infrastructuur ICT Department, Infrastructure office
Groep Systemen Systems group
Universiteit Gent Ghent University
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Michael D. Sofka
2007-11-13 14:09:52 UTC
Permalink
Post by Scott M. Likens
Have you ever looked at some of the CalDAV Servers out there?
I'll save you some time,
http://trac.macosforge.org/projects/calendarserver
http://rscds.sourceforge.net/
As well as,
http://sourceforge.net/projects/modcaldav/
And, Bedework: http://www.bedework.org/

Mike
--
Michael D. Sofka ***@rpi.edu
C&MT Sr. Systems Programmer, Email, TeX, Epistemology
Rensselaer Polytechnic Institute, Troy, NY. http://www.rpi.edu/~sofkam/
Scott M. Likens
2007-11-13 20:14:40 UTC
Permalink
I was using a Tomcat based CalDAV Server. for awhile, I forget what
it's name was. However I have actually been using the CalDav server
from apple lately (see url 1 in the the quote). It's been quite pleasant.

I am sure there is better, there is worse. They have a great love of
python that is for sure.

Scott
Post by Rudy Gevaert
Post by Scott M. Likens
Have you ever looked at some of the CalDAV Servers out there?
I'll save you some time,
http://trac.macosforge.org/projects/calendarserver
http://rscds.sourceforge.net/
As well as,
http://sourceforge.net/projects/modcaldav/
Truthfully, you don't need Cyrus to support a Calendar. Because in all
honesty, it's unrelated to mail. If you use Kerberos, LDAP, AD, MySQL
for Authentication. Take a look at one of those, tie in that
authentication and you're done. Then depending on which one you choose,
you can have users share their calendars or not.
... There is enough F/OSS out there to emulate everything you can get
with Exchange, and/or any other 'Enterprise' Mail System. No it's not
as seamless as Exchange, but it works just fine and it's an open
standard. You'll find lots more CalDav Servers, and software in the
next 6months to a year.
Well I'm impressed, I didn't know it would already be possible. I'll
keep an eye on those projects. When I have some time I'll give them a
closer look!
Are you running any calendar server?
Rudy
Ian G Batten
2007-11-13 09:38:11 UTC
Permalink
Post by Rudy Gevaert
If we could ever get a decent calendar system that works together with
Cyrus or other software many people would be happy.
We run Cyrus for mail, Oracle Collaboration Suite ($$, but not
Exchange-$$) for calendaring. The Outlook plugin that allows Outlook
to believe it has a genuine Exchange instance under it plays nice
with Cyrus (its target is Oracle's IMAP server that's bundled with
OCS). The OCS plugin for Exchange is smart enough to use CRAM-MD5
(or is it DIGEST-MD5) authentication if available, and TLS if available.

ian
Adam Tauno Williams
2007-11-13 11:54:50 UTC
Permalink
Post by Ian G Batten
Post by Rudy Gevaert
If we could ever get a decent calendar system that works together with
Cyrus or other software many people would be happy.
We use OpenGroupware - http://www.opengroupware.org

Server is entirely Open Source; Outlook plugin (MAPI provider) is
commercial.

Works very well with Cyrus; which is its intended IMAP server.
Post by Ian G Batten
We run Cyrus for mail, Oracle Collaboration Suite ($$, but not
Exchange-$$) for calendaring. The Outlook plugin that allows Outlook
to believe it has a genuine Exchange instance under it plays nice
with Cyrus (its target is Oracle's IMAP server that's bundled with
OCS). The OCS plugin for Exchange is smart enough to use CRAM-MD5
(or is it DIGEST-MD5) authentication if available, and TLS if available.
Adam Tauno Williams
2007-11-13 13:35:07 UTC
Permalink
Post by Scott M. Likens
3. Can't handle high load very well, in fact it handles load horribly.
I have a friend who works at a small shop who reports exactly the same
issue with Zimbra, s..ll...ooo..wwww...
Post by Scott M. Likens
3) ClamAV. Do note how much email I said we dealt with a minute. We
didn't get a great deal of email. Maybe 2000 email a day? Not overly
much. However as the ClamAV database would grow, if you restarted
ClamAV or Zimbra eventually it would take too long for ClamAV to start
and would not listen on the port assigned and would make mail fail to
deliver. (Ouch huh?)
In defense of CLAMAV I can say that we run it on our SMTP server (not on
the IMAP or groupware server which seems like a bad idea). It works
well and is pretty stable. If your CLAMAV was causing you this problem
then Zimbra must have boloxed the setup or you just had a bad version.
Ian G Batten
2007-11-13 15:12:13 UTC
Permalink
Post by Adam Tauno Williams
Post by Scott M. Likens
3. Can't handle high load very well, in fact it handles load
horribly.
I have a friend who works at a small shop who reports exactly the same
issue with Zimbra, s..ll...ooo..wwww...
Post by Scott M. Likens
3) ClamAV. Do note how much email I said we dealt with a minute. We
didn't get a great deal of email. Maybe 2000 email a day? Not overly
much. However as the ClamAV database would grow, if you restarted
ClamAV or Zimbra eventually it would take too long for ClamAV to start
and would not listen on the port assigned and would make mail fail to
deliver. (Ouch huh?)
In defense of CLAMAV I can say that we run it on our SMTP server (not on
the IMAP or groupware server which seems like a bad idea). It works
well and is pretty stable. If your CLAMAV was causing you this problem
then Zimbra must have boloxed the setup or you just had a bad version.
Clamav-milter works very well for sendmail shops, without any amavis
involvement at all. The slow startup bug is an artefact of one
particular release: it now comes up in about 15 seconds. Once it's
running it's perfectly rapid enough to cope with our complete
internal load. clamd-milter can do the parsing of archives,
breaking up of MIME etc at least as well as amavisd.

If you don't have an equivalent to clamav-filter for your MTA of
choice, then you need to make sure that you start clamd, and then
pass the material to be scanned with clamdscan (note the d). clamd
will need to be running as a user that can read the temporary files,
because the best way to use clamd is to pass filenames over the
AF_UNIX domain socket.

We in fact run clamav-milter with its built-in clamd support, for
reasons I can't offhand remember. So we fire up clamd, then clamav-
milter, then clamav-milter passes temporary files to clamd.

If you have to use amavisd, make sure you tell it to use clamdscan
rather than clamscan. The latter does indeed take 10 seconds to fire
up.

clamd likes large pages, Solaris fans.

Our milter startup script: there is some local stuff in there.

#!/bin/sh

case "$1" in
start) mv /var/clamav/clamd.log /var/clamav/clamd.log.old
LD_PRELOAD=mpss.so.1
MPSSHEAP=4M
MPSSSTACK=64K
export LD_PRELOAD MPSSHEAP MPSSSTACK
newtask -p clam /usr/local/sbin/clamd
attempt=1
sleep=5
while [ $attempt -lt 5 ]; do
if /usr/local/bin/clamdscan /etc/termcap; then
break
else
attempt=`expr $attempt + 1`
sleep=`expr $sleep + 5`
echo sleeping for $sleep seconds, attempt $attempt
sleep $sleep
fi
done

# --postmaster=***@ftel.co.uk \
# --postmaster-only \

newtask -p milter /usr/local/sbin/clamav-milter \
--dont-blacklist=`/usr/local/bin/fujitsuhosts` \
--noreject \
--dont-wait \
--local \
--outgoing \
--quiet \
--external \
--pidfile=/var/clamav/milter.pid \
--whitelist-file=/etc/mail/clamav-whitelist \
inet:2010

newtask -p spam /usr/perl5/bin/spamd -s local6 -u spamd -x -d
--pidfile=/var/run/spamd.pid
su spamd << \ZZZ
newtask -p milter /usr/local/sbin/spamassassin_milter -p inet:
2002 &
ZZZ
newtask -p milter /usr/local/sbin/mailarchive -u archive -p
inet:4001
newtask -p milter /usr/local/sbin/spamtrap -u spamtrap -p inet:
4000

;;
stop) for i in /var/clamav/milter.pid /var/run/spamd.pid; do
test -f $i && kill `cat $i`
done
pkill -u spamd
pkill -u clamav
pkill -u archive
pkill -u spamtrap
;;
esac
Scott M. Likens
2007-11-13 20:22:25 UTC
Permalink
Ian,

The only problem with using clamav-filter (or something appropriate) as
a milter, etc. Was it did not fall into what Zimbra designed. Quite
frankly I think it would have been a lot smoother with
Sendmail+Milter+Clamav+whatever else they wanted.

However, that is not the direction they picked, either for licensing or
whatever.

One thing with Zimbra, is you don't exactly get to pick what you want.
They throw a ball of software at you, and expect you to work with it.

I admit, if I didn't review their code as much, and try and see how it
worked. I would have been more oblivious and pleased with Zimbra maybe.

Scott
Post by Ian G Batten
Post by Adam Tauno Williams
Post by Scott M. Likens
3. Can't handle high load very well, in fact it handles load
horribly.
I have a friend who works at a small shop who reports exactly the same
issue with Zimbra, s..ll...ooo..wwww...
Post by Scott M. Likens
3) ClamAV. Do note how much email I said we dealt with a minute. We
didn't get a great deal of email. Maybe 2000 email a day? Not overly
much. However as the ClamAV database would grow, if you restarted
ClamAV or Zimbra eventually it would take too long for ClamAV to start
and would not listen on the port assigned and would make mail fail to
deliver. (Ouch huh?)
In defense of CLAMAV I can say that we run it on our SMTP server (not on
the IMAP or groupware server which seems like a bad idea). It works
well and is pretty stable. If your CLAMAV was causing you this problem
then Zimbra must have boloxed the setup or you just had a bad version.
Clamav-milter works very well for sendmail shops, without any amavis
involvement at all. The slow startup bug is an artefact of one
particular release: it now comes up in about 15 seconds. Once it's
running it's perfectly rapid enough to cope with our complete
internal load. clamd-milter can do the parsing of archives,
breaking up of MIME etc at least as well as amavisd.
If you don't have an equivalent to clamav-filter for your MTA of
choice, then you need to make sure that you start clamd, and then
pass the material to be scanned with clamdscan (note the d). clamd
will need to be running as a user that can read the temporary files,
because the best way to use clamd is to pass filenames over the
AF_UNIX domain socket.
We in fact run clamav-milter with its built-in clamd support, for
reasons I can't offhand remember. So we fire up clamd, then clamav-
milter, then clamav-milter passes temporary files to clamd.
If you have to use amavisd, make sure you tell it to use clamdscan
rather than clamscan. The latter does indeed take 10 seconds to fire
up.
clamd likes large pages, Solaris fans.
Our milter startup script: there is some local stuff in there.
#!/bin/sh
case "$1" in
start) mv /var/clamav/clamd.log /var/clamav/clamd.log.old
LD_PRELOAD=mpss.so.1
MPSSHEAP=4M
MPSSSTACK=64K
export LD_PRELOAD MPSSHEAP MPSSSTACK
newtask -p clam /usr/local/sbin/clamd
attempt=1
sleep=5
while [ $attempt -lt 5 ]; do
if /usr/local/bin/clamdscan /etc/termcap; then
break
else
attempt=`expr $attempt + 1`
sleep=`expr $sleep + 5`
echo sleeping for $sleep seconds, attempt $attempt
sleep $sleep
fi
done
# --postmaster-only \
newtask -p milter /usr/local/sbin/clamav-milter \
--dont-blacklist=`/usr/local/bin/fujitsuhosts` \
--noreject \
--dont-wait \
--local \
--outgoing \
--quiet \
--external \
--pidfile=/var/clamav/milter.pid \
--whitelist-file=/etc/mail/clamav-whitelist \
inet:2010
newtask -p spam /usr/perl5/bin/spamd -s local6 -u spamd -x -d
--pidfile=/var/run/spamd.pid
su spamd << \ZZZ
2002 &
ZZZ
newtask -p milter /usr/local/sbin/mailarchive -u archive -p
inet:4001
4000
;;
stop) for i in /var/clamav/milter.pid /var/run/spamd.pid; do
test -f $i && kill `cat $i`
done
pkill -u spamd
pkill -u clamav
pkill -u archive
pkill -u spamtrap
;;
esac
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
!DSPAM:4739ffa181401346466276!
Zachariah Mully
2007-11-13 22:06:04 UTC
Permalink
Post by Scott M. Likens
Ian,
The only problem with using clamav-filter (or something appropriate)
as a milter, etc. Was it did not fall into what Zimbra designed.
Quite frankly I think it would have been a lot smoother with Sendmail
+Milter+Clamav+whatever else they wanted.
However, that is not the direction they picked, either for licensing
or whatever.
One thing with Zimbra, is you don't exactly get to pick what you want.
They throw a ball of software at you, and expect you to work with it.
I admit, if I didn't review their code as much, and try and see how it
worked. I would have been more oblivious and pleased with Zimbra maybe.
Scott
I looked at it when it was announced and it ticked me off that you had
to move over to their proprietary IMAP server. I never understood why
they couldn't have made that aspect of it pluggable. Cool interface
until you're on dialup.

Z
Scott M. Likens
2007-11-13 20:18:17 UTC
Permalink
Post by Adam Tauno Williams
Post by Scott M. Likens
3. Can't handle high load very well, in fact it handles load horribly.
I have a friend who works at a small shop who reports exactly the same
issue with Zimbra, s..ll...ooo..wwww...
I'm glad to know that I wasn't alone, even though I was positive I was not.
Post by Adam Tauno Williams
Post by Scott M. Likens
3) ClamAV. Do note how much email I said we dealt with a minute. We
didn't get a great deal of email. Maybe 2000 email a day? Not overly
much. However as the ClamAV database would grow, if you restarted
ClamAV or Zimbra eventually it would take too long for ClamAV to start
and would not listen on the port assigned and would make mail fail to
deliver. (Ouch huh?)
In defense of CLAMAV I can say that we run it on our SMTP server (not on
the IMAP or groupware server which seems like a bad idea). It works
well and is pretty stable. If your CLAMAV was causing you this problem
then Zimbra must have boloxed the setup or you just had a bad version.
It was a bad ClamAV version that they shipped. I replaced it with a
more current version (it was .80.7 or some really old version). Then it
was working again without it dying on it's own or anything.

Scott
Vincent Fox
2007-11-08 23:23:23 UTC
Permalink
Post by Gary Mills
How many
and what sort of people does it take to maintain a system such as
this? I need a good argument for hiring a replacement for me.
At a minimum you want 1 qualified person and someone cross-trained
as a backup, so that person can reasonably enough have vacations.

Any decent sysadmin should be able to MAINTAIN such a service
I don't think actually programming skills should be primary. I have been
doing sysadmin work since 1989 and the actual programming work I've
done in that time has been maybe 2% of it. If you have a lot of custom
interface stuff to your campus systems maybe you need more programmer
skills. As a completely inappropriate generalization, former engineers
and mathematicians also make good sysadmins because they have the mindset
and the skills for problem decomposition and trouble-shooting.
Post by Gary Mills
My director seems interested in outsourcing our e-mail system, judging
by the number of articles on outsourcing that he sends to me. Google
and Zimbra with a commercial contractor are the latest two. Replacing
a perfectly functioning e-mail system seems ludicrous to me, as does
subjecting our users to a migration for no reason. I assume at least
that he wants vendors to quote on a replacement system. Perhaps once
he sees the cost, he will change his mind. I suppose it depends on
whether the quote includes the real cost. Does anyone here have
experience in this area? I know that CMU and other universities want
to maintain their own e-mail systems. What's the justification in
these cases?
<rant>

Entirely off-topic for Cyrus, but I am OPPOSED to outsourcing emails.
TANSTAAFL.

Let me analogize. If a nearby bank wanted to make a deal with you, that
they
would help out with some of your accounting functions so you could offload
some work and in exchange ALL they wanted was having all your students
as bank customers, would you approve that? Would you not see this as an
inappropriate attempt to capture all your students for life? I would.

The folks at Google in particular, people keep forgetting they sell
ADVERTISING.
They have no loyalty to your users at all, and the entire basis on which
they operate
is getting control of peoples eyeballs and minds and making money off that.
The search and email business are built AROUND that attempt to capture
people as totally involved consumers to which they help sell stuff.

I have nothing against people making money and selling stuff. However when
in my role as a university employee I see lots of this sort of muddy
thinking that
it's "free" or low-cost so why not? It's not free and it's not without
social implications.
</rant>

HTH
Adam Tauno Williams
2007-11-09 13:24:00 UTC
Permalink
Post by Vincent Fox
Post by Gary Mills
How many
and what sort of people does it take to maintain a system such as
this? I need a good argument for hiring a replacement for me.
At a minimum you want 1 qualified person and someone cross-trained
as a backup, so that person can reasonably enough have vacations.
Any decent sysadmin should be able to MAINTAIN such a service
I don't think actually programming skills should be primary.
Agree. I maintain a Cyrus system. And on most days that doesn't even
involve touching it. Any reasonably proficient person with UNIX skills
should be able to take over Cyrus administration given they are willing
to do some reading.
Post by Vincent Fox
I have been
doing sysadmin work since 1989 and the actual programming work I've
done in that time has been maybe 2% of it. If you have a lot of custom
interface stuff to your campus systems maybe you need more programmer
skills. As a completely inappropriate generalization, former engineers
and mathematicians also make good sysadmins because they have the mindset
and the skills for problem decomposition and trouble-shooting.
Yep.
Bron Gondwana
2007-11-11 03:31:45 UTC
Permalink
Post by Adam Tauno Williams
Post by Vincent Fox
Post by Gary Mills
How many
and what sort of people does it take to maintain a system such as
this? I need a good argument for hiring a replacement for me.
At a minimum you want 1 qualified person and someone cross-trained
as a backup, so that person can reasonably enough have vacations.
Any decent sysadmin should be able to MAINTAIN such a service
I don't think actually programming skills should be primary.
Agree. I maintain a Cyrus system. And on most days that doesn't even
involve touching it. Any reasonably proficient person with UNIX skills
should be able to take over Cyrus administration given they are willing
to do some reading.
I maintain a Cyrus system and it's taken over my life! Yikes.

Summary for this week:

* crc32 for indexes hummning along in the background.
* getting more skiplist corruptions - going to have to post about this.
We lost 4 mailboxes.db files this week, 3 during controlled failover,
one during the night when nobody was working on it. Suspect new ACL
feature on the web interface which allows more frequent updates is
causing issues.
* the one buggy skiplist I actually still have a copy of, the "logstart"
value in the header is wrong, causing recovery to fail with only a few
of the records still reachable because it hits another INORDER record
rather than the ADD record and drops out. I've got the monitoring
system set up to let me know if it finds any other skiplist errors and
take a copy of the offending file.
Post by Adam Tauno Williams
Post by Vincent Fox
I have been
doing sysadmin work since 1989 and the actual programming work I've
done in that time has been maybe 2% of it. If you have a lot of custom
interface stuff to your campus systems maybe you need more programmer
skills. As a completely inappropriate generalization, former engineers
and mathematicians also make good sysadmins because they have the mindset
and the skills for problem decomposition and trouble-shooting.
Yep.
Agree there. Sysadmin has always been a fraction of my work because I
tend to do a lot of "glue" programming to abstract away anything that's
sysadmin work. My first really major project (after converting us from
CVS to Subversion) was making all the servers install automatically from
PXE boot and the configurations all set themselves up with "make
install" from the Subversion repository, so that most everyday sysadmin
is now automated - just update the master config file, roll it out,
restart affected services.

So day to day we need less than one sysadmin, but of course incident
response is unpredicatable, and having two good sysadmins (Rob and I
share sysadmin responsibility here) available is very handy. Both
for the "you can let one of them have a holiday" point of view and
the "two heads are better than one" ability to work past the other's
mental blocks and avoid getting stuck in a rut trying to solve
problems.

Bron.
Andrew Morgan
2007-11-08 23:40:03 UTC
Permalink
Post by Gary Mills
We have a moderate-sized Cyrus system for 30,000 students and 3000
employees. It's a critical service in the sense that thousands of
people depend on it. It has excellent performance, lots of capacity,
and plans for expansion. I'm the only one familiar enough with Cyrus
and sendmail to maintain it, although this is not normally full time.
I'm also the one who tracks down hard problems in Unix and does
development in a number of other areas. Other than our data
management person, who supplies the LUNs for the e-mail store, I'm the
one who manages the system.
I'm also going to be 65 in two days, although I plan to stay around
for a year or so. My director will be replacing me, but I assume this
will be with an entry-level person who will not have the ability to
maintain the Cyrus system, at least initially. Other people in my
group do not have the skills or the available time to administer this
system. I'm trying to convince him to hire somebody with development
and programming experience, but without much success so far. How many
and what sort of people does it take to maintain a system such as
this? I need a good argument for hiring a replacement for me.
I am the sole person responsible for the Cyrus installation at Oregon
State University. Our Cyrus system is similar in size, although most of
our employees use the Exchange email system. Operating, monitoring, and
maintaining Cyrus takes very little of my time on a day-to-day basis.
Cyrus has been very reliable for us.

However, when it is time to perform a major upgrade of the operating
system, Cyrus software, or the underlying hardware (servers or SAN), then
you definately want someone involved that understands all the intricacies.
In that situation (which is inevitable), you'll really want a person with
excellent system administration, development, and programming skills. At
OSU, my job classification is "Operating Systems/Network Analyst", which
pretty much sums it up.

I am not a DBA, but I think the position is fairly similar. You want
someone with an extensive background that understands how all the pieces
fit together. If someone can't solve I/O bottlenecks and understand how
to properly size and design a complex system like Cyrus, then they will
fail when you need them the most.

Email is a critical service for most organizations. I wouldn't fill the
position with an entry-level candidate.
Post by Gary Mills
My director seems interested in outsourcing our e-mail system, judging
by the number of articles on outsourcing that he sends to me. Google
and Zimbra with a commercial contractor are the latest two. Replacing
a perfectly functioning e-mail system seems ludicrous to me, as does
subjecting our users to a migration for no reason. I assume at least
that he wants vendors to quote on a replacement system. Perhaps once
he sees the cost, he will change his mind. I suppose it depends on
whether the quote includes the real cost. Does anyone here have
experience in this area? I know that CMU and other universities want
to maintain their own e-mail systems. What's the justification in
these cases?
We had some overtures from Google and Microsoft to outsource our email
system. Unless you can save a lot of money by outsourcing email, I don't
know why anyone would pursue this option. I don't have the numbers on
hand, but we wouldn't save much money by outsourcing email, even if it was
free. Also, there are several downsides (which were mentioned in another
response) related to security, support, and the customer experience.

I can understand why a small organization would outsource email, but
30,000 accounts is not small by any measure. A 30,000 employee
corporation is huge!

Andy
Reko Turja
2007-11-11 12:07:31 UTC
Permalink
Subject: Re: How many people to admin a Cyrus system?
Post by Andrew Morgan
Post by Gary Mills
We have a moderate-sized Cyrus system for 30,000 students and 3000
employees. It's a critical service in the sense that thousands of
people depend on it. It has excellent performance, lots of
capacity,
and plans for expansion. I'm the only one familiar enough with Cyrus
...
Post by Andrew Morgan
I am the sole person responsible for the Cyrus installation at
Oregon
State University. Our Cyrus system is similar in size, although most of
My opinion is that at least couple of people knowledgeable about the
mail systems would be a good idea. In my experience Murphys laws hit
hard when the people in the know are at the holidays or like. And of
course if people change their workplace you always have another person
inhouse who knows the mail system well. My experience is mostly from
small business, moderately sized educational institutions (for
Finland) and hobbyist installations, but mail backends seems in
general to be pretty happy with minimal care (excluding Lotus ;) ).

I am using Cyrus for very small user base, 20ish user hobbyist system,
so I don't really know what happens when you have thousands of users.
For us Cyrus has worked like charm though, surviving OS version bumps,
migration from BDB to skiplist and so on. Worst thing that ever
happened was major power outage and severe accompanied power surges at
our co-lo (which being cheap doesn't have UPSes nor allow using
one...) which caused poor old UFS some distress.
Post by Andrew Morgan
Post by Gary Mills
My director seems interested in outsourcing our e-mail system, judging
by the number of articles on outsourcing that he sends to me.
Google
and Zimbra with a commercial contractor are the latest two.
Replacing
a perfectly functioning e-mail system seems ludicrous to me, as does
subjecting our users to a migration for no reason. I assume at least
that he wants vendors to quote on a replacement system. Perhaps once
he sees the cost, he will change his mind. I suppose it depends on
whether the quote includes the real cost. Does anyone here have
experience in this area? I know that CMU and other universities want
to maintain their own e-mail systems. What's the justification in
these cases?
The biggest benefit I can see in the outsourcing is that you
*hopefully* have enough qualified staff in the helpdesk - As in my
experience that is the biggest human resource hog in mail systems, and
the need of helpdesk staff grows along the amount of mail accounts. Of
course having well written documentation on how to read your mail with
the chosen mail client helps a lot, but there always are those people
who want to see the staff in person or ask help in the phone.

The drawbacks though, at least as I see them are:
If the mail system is outside your local network, what happens when
the Internet connection dies for some reason? Of course, the mail from
outside doesn't work in such situation, but with internal mail
infrastructure, at least the mail inside the local network works.

Sadly much of the support staff used by the outsourcing companies
isn't that great either, so you might have instant response to
distress call or email, but the support might be second rate.

Outsourcing also loses you more or less agility in the administration
of mail system, which might be a drawback depending on circumstances.
In small organisations the agility is lost if you need temporary email
accounts for contract workers or other short term things, usually on a
short notice. On larger organisations you can't have your own upkeep
scripts deactivating or reactivating accounts etc. which might lead on
gathering of fluff on the mail system.

In general what I've learnt from talking with people who have
outsourcing experience, the cheap outsourcing alternatives can have
pretty steep hidden costs. Better grade services from the wholesale IT
companies tend to be better grade than the El Cheapos, but they do
cost significantly more as well. Generally at least here in Finland,
outsourcing isn't the cheapest alternative.

And of course on the topic of Google, I'm not sure if I wanted my mail
trawled for personalised advertising keywords...

And then the scourge of modern e-mail, spam and virii. With your own
e-mail system you can be just as relaxed or strict as you want and you
can plan the whole defense strategy on the exact knowledge how the
mailing system works from the border mail router to the client.

If your boss is bent on outsourcing, at least make him to ask the
quotes based on the current properties of your present e-mail system:
availability, backups, response times, what happens if there's major
problem at weekend/holiday time etc. Having those in the contract with
punishments if the promises are not met wouldn't be bad either.
Post by Andrew Morgan
I can understand why a small organization would outsource email, but
30,000 accounts is not small by any measure. A 30,000 employee
corporation is huge!
The latest company I worked in IT support did the exact opposite, we
insourced :D e-mail, web servers, DNS etc. It was a small cross-media
company with 20-40 employees and the gains in agility were huge.
Adding emails for project workers for the duration of their project,
having project websites for previews and whatever se up on their own
secure HTTP domains on moments notice. Interestingly enough, the
insourcing didn't really raise the costs of the upkeep.

We tried for a good while previously to explain to management that
moving all the IT stuff in-house would be a good idea, but when our
provider back then managed to wipe our whole website - Just after a
major press release about winning a first prize on a Europe-wide
competition - The management did start to see the light as well. After
the wipe, the provider got 3 week old copy of the website back online
after a one day "no such domain" annoncement for the interested
people. Of course that 3 week old copy didn't have the relevant info
about the announcement and we were unable to do anything to our
website while the company was looking for their backup archives. Two
weeks after that the insourcing happened.

After this experience, I'm quite leery on the promises of the
outsourcers contra the reality. The expensive dedicated IT houses
might have good backup strategies, but the cheaper ones tend to work
on belief that nothing ever breaks. Of course, there are excellent
small hosting and IT companies out there with cheap prices, but
usually those are aimed for smaller markets and not for the companies
whose staff is in the thousands. (And finding an excellent small
IT-company is hit and miss as those tend to be advertised through the
grapevine.

Sorry for the long ramble from hobbyist Cyrus user, but the discussion
kind of sparked my interest. Hope it isn't pure chaff either.

-Reko
Ian Eiloart
2007-11-09 12:09:35 UTC
Permalink
Post by Gary Mills
We have a moderate-sized Cyrus system for 30,000 students and 3000
employees. It's a critical service in the sense that thousands of
people depend on it. It has excellent performance, lots of capacity,
and plans for expansion. I'm the only one familiar enough with Cyrus
and sendmail to maintain it, although this is not normally full time.
I'm also the one who tracks down hard problems in Unix and does
development in a number of other areas. Other than our data
management person, who supplies the LUNs for the e-mail store, I'm the
one who manages the system.
I'm also going to be 65 in two days, although I plan to stay around
for a year or so. My director will be replacing me, but I assume this
will be with an entry-level person who will not have the ability to
maintain the Cyrus system, at least initially. Other people in my
group do not have the skills or the available time to administer this
system. I'm trying to convince him to hire somebody with development
and programming experience, but without much success so far. How many
and what sort of people does it take to maintain a system such as
this? I need a good argument for hiring a replacement for me.
We're using two people (me and my boss), but both with substantial other
responsibilities. Both have skill sets similar to the one that you
describe. We also have user support people who answer queries, but don't do
any configuration. I was recruited as an entry-level person, but took main
responsibility for our SMTP service within a couple of years.

If you have other Unix admins, with knowledge of email, then you could
probably recruit at entry level, and get away with it if you provide an
intensive training programme.
Post by Gary Mills
My director seems interested in outsourcing our e-mail system, judging
by the number of articles on outsourcing that he sends to me. Google
and Zimbra with a commercial contractor are the latest two. Replacing
a perfectly functioning e-mail system seems ludicrous to me, as does
subjecting our users to a migration for no reason. I assume at least
that he wants vendors to quote on a replacement system. Perhaps once
he sees the cost, he will change his mind. I suppose it depends on
whether the quote includes the real cost. Does anyone here have
experience in this area? I know that CMU and other universities want
to maintain their own e-mail systems. What's the justification in
these cases?
I don't know about costs. I do know that you could not outsource our email
service without simplifying it a lot. For example, would your contractors
be able to use your campus authentication mechanism? Would they be able to
use your existing user support processes? Would you be able to introduce
new services, or service enhancements? Would your user's privacy be
protected?
--
Ian Eiloart
IT Services, University of Sussex
x3148
urgrue
2007-11-09 14:39:38 UTC
Permalink
Post by Ian Eiloart
Post by Gary Mills
My director seems interested in outsourcing our e-mail system, judging
by the number of articles on outsourcing that he sends to me. Google
and Zimbra with a commercial contractor are the latest two. Replacing
a perfectly functioning e-mail system seems ludicrous to me, as does
subjecting our users to a migration for no reason. I assume at least
that he wants vendors to quote on a replacement system. Perhaps once
he sees the cost, he will change his mind. I suppose it depends on
whether the quote includes the real cost. Does anyone here have
experience in this area? I know that CMU and other universities want
to maintain their own e-mail systems. What's the justification in
these cases?
I don't know about costs. I do know that you could not outsource our email
service without simplifying it a lot. For example, would your contractors
be able to use your campus authentication mechanism? Would they be able to
use your existing user support processes? Would you be able to introduce
new services, or service enhancements? Would your user's privacy be
protected?
In my experience outsourcing looks great on paper but never works out as
expected. For one thing you must be _very_ careful about hidden costs
and SLAs. You need to think of _everything_ you need now and in the
future and have it specified in the contract at fixed prices. I have
never seen a project outsourced that didn't end up costing significantly
more than was originally assumed.

"Oh, you want shared folders, too? You didn't specify that as a
requirement when we built this system..." $$$$ ka-ching! $$$$

(Very!) generally speaking doing something in-house is cheaper than
outsourcing. Outsourcing is good if you have more money than
time/energy/resources and/or want someone to blame when there's trouble.

I would never consider outsourcing as a cost-saving measure, except in
very specific situations (DNS and web hosting are good examples,
provided your needs are relatively simple)

I would be quite surprised if you can find a provider that will offer
you a 30000+ user mail system for less than it costs to hire one decent
admin. Even in the initial calculation!

I would consider outsourcing in some scenarios, but probably never if
you've got a perfectly good, functional system already built, and all
that is needed is 1 or 2 admins to maintain it.
Nikola Milutinovic
2007-11-13 14:56:21 UTC
Permalink
Post by Adam Tauno Williams
We use OpenGroupware - http://www.opengroupware.org
Server is entirely Open Source; Outlook plugin (MAPI provider) is
commercial.
Works very well with Cyrus; which is its intended IMAP server.
Speaking of calendars,... What about Mozilla Sunbird/Lightning?

They can speak to WebDAV enabled ICS calendar format. With a special extension, Google Calendar Provider (freely available from addons.mozilla.org), they can talk to Google Calendar.

Has anyone seen a calendar server that will work with Cyrus and Sunbird?

Sunbird is really great and Lightning makes me NOT want to ever touch Outlook.

Nix.



____________________________________________________________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs
Ulrich Spoerlein
2007-11-13 17:20:30 UTC
Permalink
Post by Nikola Milutinovic
Post by Adam Tauno Williams
We use OpenGroupware - http://www.opengroupware.org
Server is entirely Open Source; Outlook plugin (MAPI provider) is
commercial.
Works very well with Cyrus; which is its intended IMAP server.
Speaking of calendars,... What about Mozilla Sunbird/Lightning?
They can speak to WebDAV enabled ICS calendar format. With a special
extension, Google Calendar Provider (freely available from
addons.mozilla.org), they can talk to Google Calendar.
Has anyone seen a calendar server that will work with Cyrus and Sunbird?
We are using www.egroupware.org as Mail/Calendar/Contact-Frontend and it
has rudimentary ICS over HTTP support. I spoke to the main developer and
he says that ICS over HTTP is basically a very stupid idea (which I
concur). Other than the occasional glitch, it's working fine with
Sunbird/Lightning.

Anyway, progress is made on getting GroupDAV (or was it CalDAV?) working
with eGroupware, but it is still not there, though.
Post by Nikola Milutinovic
Sunbird is really great and Lightning makes me NOT want to ever touch Outlook.
I prefer the KDE PIM suite Kontact over Mozilla's products any day. It
has tons of bugs, but also some very cool features which I would never
want to miss again.

Cheers,
Ulrich Spoerlein
--
It is better to remain silent and be thought a fool,
than to speak, and remove all doubt.
Adam Tauno Williams
2007-11-13 19:42:03 UTC
Permalink
Post by Ulrich Spoerlein
Post by Nikola Milutinovic
Post by Adam Tauno Williams
Server is entirely Open Source; Outlook plugin (MAPI provider) is
commercial.
Works very well with Cyrus; which is its intended IMAP server.
Speaking of calendars,... What about Mozilla Sunbird/Lightning?
They can speak to WebDAV enabled ICS calendar format. With a special
extension, Google Calendar Provider (freely available from
addons.mozilla.org), they can talk to Google Calendar.
Has anyone seen a calendar server that will work with Cyrus and Sunbird?
We are using www.egroupware.org as Mail/Calendar/Contact-Frontend and it
has rudimentary ICS over HTTP support. I spoke to the main developer and
he says that ICS over HTTP is basically a very stupid idea (which I
Yep, ICS over HTTP is not a groupware solution. ICS is just a dumb
"calendar" file, it doesn't deal with discrete events so trying to
share an ICS file results in a mess.
Post by Ulrich Spoerlein
concur). Other than the occasional glitch, it's working fine with
Sunbird/Lightning.
OpenGroupware works with Sunbird, with some glitches. CalDAV support is
being hammered out.
Post by Ulrich Spoerlein
Anyway, progress is made on getting GroupDAV (or was it CalDAV?) working
with eGroupware, but it is still not there, though.
GroupDAV for contacts on OpenGroupware works pretty well.
Lars Schimmer
2007-11-15 08:10:12 UTC
Permalink
Post by Nikola Milutinovic
Post by Adam Tauno Williams
We use OpenGroupware - http://www.opengroupware.org
Server is entirely Open Source; Outlook plugin (MAPI provider) is
commercial.
Works very well with Cyrus; which is its intended IMAP server.
Speaking of calendars,... What about Mozilla Sunbird/Lightning?
They can speak to WebDAV enabled ICS calendar format. With a special
extension, Google Calendar Provider (freely available from addons.mozilla.org),
they can talk to Google Calendar.
Post by Nikola Milutinovic
Has anyone seen a calendar server that will work with Cyrus and Sunbird?
Sunbird is really great and Lightning makes me NOT want to ever touch Outlook.
We use the OpenGroupware.org server at our site with CalDAV and
Thunderbird/Lightning or sunbird.
It works for most parts, some are needed to be bugfixed.
Outlook plugin works well, to.
Post by Nikola Milutinovic
Nix.
Cya
Lars
Continue reading on narkive:
Loading...