Virtualmin email only project.

7 posts / 0 new
Last post
#1 Mon, 02/08/2010 - 11:50
ChuckFisher

Virtualmin email only project.

This seems to be the best place to post about a challenge I am facing. But I need a little input. Virtualmin seems to have taken a backseat to Cloudmin. And Cloudmin is something I cannot, and would never want to use. Plus I’m prevented by law and customer requirements from using it.

Examples:

1.I have a lawyer whose business I got because he says that he’s required by law to know where his email, which contains confidential client information, is actually/physically located. When I took him to my server room and pointed to my Virtualmin server. He signed up.

2.I have an entire medical group. Which has more than a handful of Dr’s and their assistants, their communication with insurance and patients, and even their phone system connects to my server sending voicemail messages to the Dr’s smartphones. Just about all this contains confidential patient information. I again got their business because I was able to setup a VPN between their office and my server. Then the smartphones have a secure player program (provided by their phone system provider) so it’s secure all the way from their phone system to the Dr’s ear. I won’t go into the web site and it’s encrypted forms (how the patients communicate to them over the Internet). But let’s just say, it’s a very tight system. And I had to help develop a lot on my side to make it work.

But now I’ve got a problem. One of the domains I host on Virtualmin was hacked. This customer considered themselves knowledgeable enough to maintain their own domain. They let one of their moron employees, with a common username, change his password to a dictionary word with Usermin. And someone in Germany got into the account and used it to send spam. I caught this and stopped it in less than 12 hours (started while I was asleep), but the damage caused and the time I had to spend getting off blacklists. And the fact the hacker seems to have spread the word that he hacked into that system has kept me busy fending off other “attacks”, and trying to make sure all the other accounts are not being as stupid.

So… No more Mr. Nice-guy. I’m building a SSL only (very anal, and intentionally so. Requiring a SSL cert for every email account) email system to move all 5 of my email servers over to. I want it to also have groupware ability for the domains that want it. And the groupware needs to support SyncML & Activsync.

I know Horde can do SyncML (somewhat), and there’s Z-Push for Activesync. Both of which are available in Virtualmin “Install Scripts”. But I’ve been testing these and cannot get them to work. Maybe it’s because the people behind Virtualmin have been spending most of their time developing Cloudmin. The install script for Horde left out a lot of php-perl modules it needed. And it did not configure it correctly to access the IMAP server. And the Z-Push installed did not seem to be configured for anything. And there's nothing I can find documenting how to set it up installed with the package. I have to use the Z-Push web site, which is lacking somewhat itself.

But maybe it’s because this server has been used all weekend for testing other packages. I’ve tried Kolab, Open-Exchange (OX), Zimbra and a few others. And found them all lacking in some way, or too much of a headache to manage for my needs. And to be honest, since this server is for testing/development it’s behind a NAT firewall.

So I’m about to give Virtualmin another shot. This time giving it a public IP, but still behind a router I built using Shorewall so I can do port forwarding and blocking.

My Virtualmin license expires soon. I need to decide if I’m going to renew it since I’ve found GPL Virtualmin to do all I need for the other hosting.

So has anyone else had a similar challenge? If so, what did you find worked best for you? And does Virtualmin have a future since Cloudmin seems to be the new, but useless to me, path being taken.

Thanks for any input!

Chuck

Mon, 02/08/2010 - 12:07
andreychek

Howdy,

While Virtualmin, Inc is offering two products -- Virtualmin and Cloudmin -- one isn't taking a backseat to the other.

One isn't meant to replace the other... they work best in conjunction with each other. Cloudmin provisions new servers, and Virtualmin can then be used to manage it.

The majority of folks, like yourself, just use Virtualmin. Some people, those running multiple servers and/or VPS's, get a lot out of Cloudmin.

There's still regular updates to the Virtualmin software, and Jamie is very responsive to any issues that arise in either -- and certainly with install scripts.

However, he can't fix things he doesn't know about :-)

So if you're seeing problems with the Horde Install Scripts, you'll need to let us know by filing a bug report (using the Support link above).

Whenever you do an install of Horde, if it doesn't function out of the box, that's a bug!

File a bug report, and Jamie will work with you to figure out what's going on and get it resolved for the next release.

Thanks,

-Eric

Mon, 02/08/2010 - 14:07 (Reply to #2)
ChuckFisher

Thanks Eric,

I'm somewhat out of the loop when it comes to the full Virtualmin. Like I said, I"ve been using GPL for all my servers since I've been customizing it for my customer needs. And my Virtualmin license has pretty much been gathering dust. Matter of fact, it wasn't until I fired up a old server sitting on a shelf that I found I still had it installed somewhere. But since it was a old 512 MB P3 server. It was mostly for play I even installed it on that. Probably 2 years ago. I bought the license mostly as a way to financially support Virtualmin, and could give the receipt to my bookkeeper without needing to explain what it was for.

Now I'm more serious about testing. And hoping to get some benefit from Virtualmin. Hardware is a P4 3.2Ghz, has 250 Gig RAID1 (although fake-raid), 4 Gig's of memory. But as I mentioned, I need to give it a real IP before I blame Jamie for the install scripts. (Working on setting up another VLAN on the switch in that rack as I type this). Got a dual quad-core Xeon with 16 Gig's of memory and 6 Tb RAID storage waiting for when I get past testing.

But what about the entire concept of what I'm trying to do? Can open source give me a groupware server that can do everything I'm hoping to accomplish? None of the other packages I tested came close to what I'm needing. Citadel was interesting. But would be confusing because of it hanging onto it's BBS roots, and needs to drop that idea. Kolab keeps trying to do everything with LDAP and IMAP storage, but needs to get a real database. And keeps trying to become it's own standard on a lot of different things. But can't seem to follow it's own standard because it keeps changing. Zimbra is simply greedy. I cut my email teeth with Mercury on Netware 3.11 and still believe in that's authors (original) belief. That email, and the ability to communicate should be free. Open-Xchange just released a new version. It's full of bugs. And a lot of addon's have not been updated to work with the new version. Maybe once they have been ironed out I'll give it another look.

These are just the one's I tried this weekend. Starting with pulling off Kolab and giving up after working on it for almost a year.

It's looking like I've got to build my own. Using bits and pieces from different projects. But quite frankly I'm getting tired of doing that. I've already got over a dozen servers/appliances I've had to do that with, and I was hoping to find something, for once, that would "just work" so I could blow away one of my customers idea of buying a Exchange server (To support their outside sales-people's Blackberry's) tomorrow instead of taking a few weeks to build it, and by then they may have already made up their mind. Plus my current problem of those ^$&%$W#!Q hackers still trying to get into that server.

Mon, 02/08/2010 - 14:35
andreychek

Howdy,

Well firstly, Virtualmin won't solve your email/groupware needs, though perhaps it'll make managing parts of your server simpler :-)

However, whenever it comes to choosing software, it tends to come down to personal preference.

Some of the options you didn't care for would be labeled as "Awesome" by other folks. OTOH, there's also plenty of folks who fully agree with you ;-)

In addition to the software you mentioned, here's a few other options that you may find worth exploring:

I'm sure there's a few I've missed, those were just off the top of my head.

There's also a variety of Linux commercial offerings you could try... or, you could find an existing service provider of one of the above, and rather than managing it yourself, you could act as a reseller between the online service and your customers.

However, perhaps some others who have some experience with groupware offerings will share their experiences!

-Eric

Mon, 02/08/2010 - 15:05 (Reply to #4)
ChuckFisher

Thanks for the quick reply.

I'll look at Atmail. Never heard of it. Scalix is something I've looked at, but don't remember at the moment what I found wrong. Google Apps is out of the question. Recall my requirements, legal and customer?

Please keep up the suggestions! I'm needing to find as many to look at as I can. And even though I didn't spell it out. Here's a few more notes: Needs multi-domain. Does NOT need anti-virus, anti-spam, SPF etc checking. As a matter of fact, if those functions can't be removed, it's out. I've build a relay server to do that, and I have customers paying me to use it. It's what allows me to keep using GroupWise since it's a open relay that Novell will not patch because they want you to upgrade (they have picked up the bad habits of and are learning from M$).

Chuck

Tue, 02/09/2010 - 01:44
Joe
Joe's picture

Virtualmin seems to have taken a backseat to Cloudmin.

Wherever did you get that idea?

Virtualmin is the name of our company, for goodness sake! We're serious about Virtualmin, we have an order of magnitude more paying Virtualmin customers than Cloudmin customers, and we've continued to release new Virtualmin versions every 2-4 weeks, just as we did before Cloudmin existed. Cloudmin is a complementary product, that many of our larger hosting provider customers find useful.

And, I'll also mention that HIPPA and various email retention regulations are evolving to deal with cloud computing. The Amazon Web Services blog has covered a number of those issues in detail in recent months. It is true that some aspects of some industries cannot move into the cloud yet due to regulatory barriers...but it's far fewer than you've indicated (most email retention rules, for example, do not actually require a specific single server, though it may require specific policies regarding who has access to the servers where sensitive data is located, as well as the ability to guarantee availability of that data for some period of time). HIPPA has some geographic and data center requirements, but does not completely preclude cloud computing infrastructure.

Anyway, it sounds like the problem Virtualmin (and/or Cloudmin) solves is not the problem you are trying to solve. Sorry about that, and we wish you the best of luck in discovering a good solution. ;-)

--

Check out the forum guidelines!

Tue, 02/09/2010 - 13:52 (Reply to #6)
ChuckFisher

Sorry for jumping to conclusions Joe!

Not trying to make excuses, but the explanation is...

Like I said. I've let my Virtualmin Pro license just gather dust. Have not been visiting the sites, forms, anything for quite some time. Pretty much the last time was when I renewed it.

But I don't build a Linux server without Webmin, and my office network has over a dozen, and even some Linux desktops I use for development/network management have it. So I'm very familiar with it. And all my hosting servers that I allow customers access do so through Virtualmin/Usermin GPL. I know it like the back of my hand (now play that scene from Robots in your mind).

Anyway. I'm trying to come up with ideas for my project. The Virtualmin Pro license comes to mind. I hop onto the site to get the latest install script. And all I see is Cloudmin. Of course the name tells me what it's all about. So over the cliff I dive. Didn't bother doing any research into what it's about. I already know I'll never use it. Not because of the HIPPA stuff. You actually explained more about it than I know. Or need to. There's lawyers on staff here that keep up to date on all that. They tell me what they need and I build, design, or re-purpose systems.

But thanks. I'm still trying. No luck so far. Looking more and more like I'll have to develop my own just like pretty much every other server/appliance I build. But that's why I love Linux and wish M$ would fall off the face of the earth.

Chuck

Topic locked