Mail server on Amazon Web services? Possible?
 

Hello all,

We have our web site hosted by Go daddy and they provide us with the mail service as well. But there are a lot of constraints with the mail service with regards to the number of mail boxes, size per box, relays per user and so on.
To avoid this, we are looking at other options. One is to have our own mail server but it will require a lot of infrastructure and expertise.
But Amazon web services looks nice. They have infrastructure needed and all. One thing on my mind is the reverse look up of the mail servers. They wont be associated with the domain as both would be on different hostings.
I am open to both windows exchange server as well as Linux server.
Has anyone done this before or has any idea about it? I have gone through some of the threads in their forum and there are a lot of mixed views about it.
And main concern everyone views is the reverse lookup. This could lead to all the mails sent from my server tagged as spam at the recipient end.

To mods: I could not make out in which forum to write and hence in newbie. If this is enough about networking or server please move it.

Hm...

You've got about 5000 posts, you're runnung Ubuntu, and you don't have the answer to at least most of your questions below?

I'll address some below by dispelling myths...

dunno why you would have done that in the first place, unless you have absolutely no experience and only three or four mail users to deal with in the first place.


Stop! Right there! That's your answer.

No it won't. an afternoon or two of reading up a bit, a couple of hours installing an operating system, connect the server to your Internet connection and vroom! You're off and running.


Now you're starting to see why it's best just to run your own server ;)

You really do want to spend a lot of money don't you?

Good choice. UNIX machines run the entire Internet anyway - so why wouldn't you use a (free) operating system that is designed for it in the first place?

It just makes sense.

You're choices are, for the most part:

1.) Sendmail

2.) Exim

3.) Postfix

4.) Qmail

All four are excellent choices, no matter what anyone here says. For example, I personally don't like Qmail, Postfix is very easy to administer and Exim is arguably the most extensible, while Sendmail is... Well it's been around for few decades if this means anything ;)

I've used and use them all - they're all very good MTAs.

don't worry about that. Look, you can get a VPS system for about ten bucks a month at many hosting providers. A couple I can recommend are http://HostGator.com and http://Web24.com.au

Running mail will be as easy as pie, and if you get the cPanel VPS option all you have to do is point, click, and setup your email aliases for all of your users - easy, cheap, and hassle free.

This was the right place.

What has my number of posts to do with issues I have? And how do they matter with asking for suggestions? And I do not have anywhere close to 5K posts. And nowhere in LQ have I called myself to be an expert or Guru. If my post count makes any difference, I would be happy to reset them to 0.

Anyhow, thanks for your suggestions. Its long so I will go one by one.

Our go daddy issue is not ours but at their end. The options they have are such. The plan that we can afford is one with limited space. Sorry for some mistake. We can create users but can not allocate space. The maximum we have is 100megs. And that has nothing to do with us. Its their plan.

I am also looking for our own server and I do have one running for testing on CentOS5.4 using Zimbra FOSS. And when I say infrastructure, I mean to say the security point of thing. It got to be really strong on that front.

I know there are a lot of options available and I think I have made a good choice on Zimbra. It uses Postfix anyhow. Just easy to manage and administer.

I am looking at the options for VPS you provided. Let me look there. And I do not need any aliases.

But I still want to look into Amazon Web services front. And if they can provide us with firewalls and security then, I will be able to be productive without worrying about the security of my system.

Zimbra is good, at some point you need to sit down and work out exactly how much load you'll be putting on this, and quite whether or not you need to be looking into cloud based stuff such as Amazon. That sounds disingenuous, so I'll explain what I mean;

* Are you anticipating a high server load?
* Are you anticipating security issues that you yourself can't fix?
* Are you anticipating really sophisticated attacks that would mean a concerted attempt to root you? (Ignoring script kiddies and opportunistic attackers that can be deflected simply enough)
* Do you see a need for massive and rapid growth in the immediate future?
* Do you lack any skill or knowledge in basic setup/ ability to read documentation?

Those are the general points for considering letting someone else set up your mail server.

But sorry, to actually answer your post title; http://developer.amazonwebservices.c...sageID=129616& looks a good jumping off point

Thanks James. I have gone through the link that you provided already. Going cloud is just not my decision. I can not make at my end. It was suggested by my boss to look into it. And someone else suggested him that it can be done.

To answer you queries:

I do not anticipate a very high load right now. But it would increase with time. And still a good quality hardware will do it for me. So that is not too much of an issue.

Yeah. This is where I am bit of stuck. I aint an expert on firewalls and hardening servers. But I can read and learn. That is how I learned and got into Linux.

Whether or not server gets attacked, I need be careful always and keep the server security tight. Thats just a point. Need not wait for someone to attack the server and then look for security holes.

There will surely be growth in number of users, mailboxes and traffic. But it should not be exponential.

Well I am well with basic Linux. So I can read and learn new things. Not a problem. But I have not worked with mail servers before too much.

Another issue spams. This is biggest problem a lot admins would be facing today. I could still learn and put a mail server of myself.
But we do not right now have a live ip of ourself. The internet connection at here at office is coming through DSL modem router. It though has a static ip but it would not resolve to us but to the internet provider.

Nothing generally, except that the way in which your question was crafted didn't coincide, from what I perceived, with the level of understanding I would expect.

And to some degree I think that bears out. You've have done more research and have more understanding of the matter than your question seemed to indicate.

Thanks, I didn't take offense anyway :)

Actually, you probably do. Perhaps not, but probably so.

If you system has users named joe, mary, dick, and your MTA is configured to deliver incoming mail for its domain to local users, then their email addresses might be joe@yourbox.chemlab.chemco.com if your domain is chemlab.chemco.com (3LD.SLD.TLD).

If you want email to go to joe@chemco.com, or joe.smith@chemco.com, instead of people having to remember to send mail to joe@yourbox.chemlab.chemco.com then you need aliases.

The same is true if the email address is jsmith@yourbox.chemlab.chemco.com and you want it to go to joe@chemco.com - jsmith being the actual username on the box.

The email address is going to contain the username and the FQDN of the host, while an email alias is typically the username and domain, or whatever you want the user to be called, and the (SLD.TLD) domain.

@Brad,

The post was not meant to offend you and thanks it did not. I do not give much conscience to the number of posts. Though I have more than 2K posts but I aint expert, and I know that and accept that.
On the other hand, for example, you have posted much lesser than me, but have better knowledge and understanding.

But yes, I do understand and might so better than some of the other new members here. And thanks for the explanation on aliases.
But if I read it correctly, the aliases are configured on the mail server. And if I am going to have my own mail server, I would have the access to do that at my end. I already have web hosting by go daddy and do have control panel to change the MX records for the domain. So I can change mail server settings for the domain myself as well. So the users and mail boxes are going to be created at the server end. So I can create aliases to user@domain to point to user@server.domain and receive all the mails and receive accordingly.

But it is not going to be solely my decision, I would highly appreciate any thoughts on hosting it on Amazon web services.

The issues that we think we have are

1. Cost of ownership.
2. Infrastructure. There are a lot of power cuts. And can not afford down times.
3. Internet lines. Are not that cheap for leased lines with static ip addresses.

Okay, thats simple enough; though the resolving to your ISP is a bit of a pity.

The thing about security is this; the more ports and services you need open, the harder it is to secure. In this case so long as you're using something like postfix which has a reasonable record and a large user/developer base, and are using simple firewall rules (only allowing ports 22, 25 and 143) on a dedicated hosted box somewhere (so patching, load balancing and so on) is out of your hands.

For the most part, mbox size, quotas, spam and antivirus, mail servers are a doddle to do; a lot of things work sufficiently well out of the box, albeit with a bit of config'ing, for it to be simple.

In short, I'd suggest the really old fashioned boring method of just getting a box in a reasonable data centre. Personally, but this is just me, I'd knock out a report making cloud stuff sound expensive and faulty, and privately just sack it off as a bad job.

(But thats just me)

If thats what you end up doing, I'm sure I can put together a couple of good links and reading lists

I second that suggestion. I really can't speak to the Amazon solution and I'm always leary of such situations (which are often designed to lock you into the vendor), and would look more towards Jame's suggestion of getting a box somewhere with adequate connectivity and (basic) managed security.

Again, probably one of the most inexpensive options would be a VPS, and then add a bit more for cPanel with that.

I'm a slackware stalwart, and although most VPS solutions will be offered with FreeBSD, Solaris, or CentOS, in a case like this I actually would recommend going with the RPM based distro, 'CentOS'. It's managed and updated by the hosting provider and that won't affect your operations.

Also, the "Parallels" control panel has an easy to configure basic firewall.

On the other hand, if you can afford for a dedicated box, that is IMO, and I believe as James also suggests, the best solution.

Well we can not afford a dedicated server. VPS is one option. And we already have a VPS hosting at go daddy. But they do not give much freedom with mailboxes.
I myself wanted to have mail server at our end. This could have given me a lot more freedom but this is not what seniors are accepting for. And there are issues with internet connection and power outages. And these issues are something that we can not manage at our end.
And hence we are looking for putting up outside our campus so that at least we are worry free about this.
AWS does not lock users with operating platform. There are Linux flavors available with them, RHEL, debian, and Ubuntu are specifically marked. So, I may choose one of these if the situation arise for using AWS services.
Will keep you updating about this. Have not taken any final decision on this as yet.