is :
1) IMAP mail stays on the mail server.
2) People abuse mail storage systems. I have had people backing there machine up
and saving the files on our mail server.
3) Any mail on the mail server is the responsibility of the ISP.
4) In Canada as of Jan 2004, Any mail on the mail server must be available to the
customer, even if the account is suspended, all new mail must be rejected indicating
that the account is suspended.
5) Due to privacy laws, it is in the ISP's best interest not to keep customer
mail on their servers, for reasons of liability. If a hard drive becomes corrupted
and someones mail is read unintentionaly during the recovery of damaged files,
the ISP is liable to criminal and civil action.
The mail is yours, so you should store it, and be resposible for it.
Maybe before you whine about ISP's email offering you should, try and price out the
costs for supporting 20,000 mail accounts. I keep about 300MB of mail on my machine
but lets consider 30MB for an average user. I recieve about 1GB of mail {UCE included}
per year, lets say 100MB for the average user. Now lets say ISP's pay about $0.01/MB of
traffic, and 1MB of storage costs $10 per year to maintain. A user will read the good mail
messages that they keep at least twice, and checks mail at least once a week. The other
costs for equipment and labour are part of the overall service costs, not included here.
IMAP
100MB to get mail to ISP
100MB to get mail to customer initialy
30MB to read mail a second time {UCE not read again}
= 230MB traffic per year
230 * $0.01 = $2.3 per year
100MB / 52 ~ 2MB to store transient mail
30MB constant storage
= 32MB
32 * $10 = $320 per year
$2.3 + $320 = $322.3 per year = $26.86 per monthPOP3 100MB to get mail to ISP 100MB to get mail to customer = 200 MB traffic per year 200 * $0.01 = $2 per year 100MB / 52 ~ 2MB to store transient mail 2 * $10 = $20 per year $2 + $20 = $22 per year = $1.83 per month
Savings using POP3 $26.86 - $1.83 = $25.03 per month 25.03 / 26.86 = 93%
Is IMAP worth $25 per month to you?
By the way, we do provide squirrel mail for our customers, but we disabled the folders
because it is supposed to be only for checking mail when away from your computer.
For the $30 per month an ISP gets for a residential account, doesn't cover the costs
an ISP must pay to service the account. Although residential DSL cost ISP's more than
they get from the customer, to stay in the market residential DSL has to be offered
and supplied at market rates.
Jay Daniels wrote:
On Wed, Nov 26, 2003 at 04:29:40PM -0800, Gordon Messmer wrote:
Aaron Konstam wrote:---end quoted text---
t is wrong with the imaps and pop3s facilities in RH 9. They seem toOn a system with many users (ones who leave mail on the server), the UW-IMAP pop3 and imap servers use too much disk IO.
work pretty well for us.
Then use Courier Imap. The source includes an easy way to create an rpm.
For better result, do away with pop3, and only allow the web server to connect to the imap server and install a good web based email application on the web server. There are Squirrel Mail and many other php based webmail apps available. Use ssl for security.
With a lot of people using DSL, I wonder how many DSL connections are volunerable to password sniffing when pop3 passwords are sent in plain text?
Perhaps having ssh on the mail server and allowing user to login to a controlled menu shell to read mail is a better more secure alternative?
Why are people and ISPs so reluctant to address pop3 security issues? Furthermore, why do people and organizations use Outlook and Outlook Express at all? One reason is that many ISPs do not have very good webmail. They will not consider Squirrel Mail, but usually install some other crappy webmail that does nothing but use pop3 to grab your mail from a remote mail server.
It is my belief that if ISPs and organizations had a good web mail application setup from the gitgo, people would not even bother with Outlook and they would use the webmail as their favorite mailer. User space on the server would need to be increased too.
If I was in charge of an organization today, I would insist that all Outlook and Outlook Express email clients be removed from their systems.
I don't understand why organizations and system operators have not taken control of their own systems. Security is only as good as the weekest password. I read many security tips for Redhat and they all say minumize open ports. If you only open port 80 and 443 to the outside, this would surely be a good start to a more secure system.
jay
-- Guy Fraser Network Administrator
There is a fine line between genius and lunacy, fear not, walk the line with pride. Not all things will end up as you wanted, but you will certainly discover things the meek and timid will miss out on.
-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
