MailStudio 2000

MailStudio 2000 is a web-based e-mail server from 3R Soft for Linux, Solaris, HP and DEC that provides web-based e-mail service for users.
Technical Features

The server has a number of functions and features to help it deal with the complicated issues which arise in something seemingly as simple as web-mail. Not all mail is processed following the same protocol, so in addition to the standard Sendmail and SMTP, MailStudio is also able to support POP servers and retrieve mail from them.

Security, such as it is, is achieved by way of cookies, which are encrypted with MD5, and customers can order SSL services as well. The server supports numerous standards such as MIME (Multipurpose Internet Mail Extensions), multipurpose and dynamic HTML, ISO2022, Quoted Printable, BASE 64, uuencode, two-byte character sets and multiple-language environments. Embedded in the system is the CodeBase 6.3 database for dealing with all the data.

Overall, the server is flexible, adaptable and generally cooperative. For example, you can assign MailStudio to a specific port in order to avoid conflicts with a web site you are already running, and you can implement virtual mail hosts to achieve multi-domain support. In terms of resource consumption, MailStudio allegedly can support over one million users and can deliver fast service even during heavy loads. (I could not exactly verify this point, so we'll have to take their word for it.) The system is self-contained, with safeguards, simple methods and standard error procedures, and requires very little maintenance.

Security

Holistically speaking, the problem with networks is security. Every packet of information usually travels through several machines, and all it takes is a packet sniffer at any point along the way and your data can be intercepted. This is a reason not to send unencrypted credit-card information over the Internet. (This is also why we want the U.S. government to allow stronger encryption.) However, when it comes to dealing with sending passwords over the Internet, it's a complicated problem to fix. For this reason, web-based e-mail has always been vulnerable to security breaches, whether through accessing a page directly to bypass login or through packet sniffers routing out people's passwords. Cookies have largely put an end to the former problem, but the latter is still with us. Fortunately, crackers (as Eric Raymond likes to call them) don't have too much interest in reading other people's web-based e-mail. Still, at login, your user name and password are sent unencrypted across the network to the MailStudio server, as are the e-mail messages you send and receive. Although this is the same situation as with TELNET or almost anything else, it's not safe and something must be done (hence secure shells). 3R says it can purchase and implement an SSL package from a third party and integrate it into MailStudio in order to have encrypted first-pass user name and password data. I think 3R should just write SSL into MailStudio since it is, after all, an open protocol. Maybe it'll show up in a later version; I certainly hope so. If systems were secure in the first place, fewer curious people would be in prison, and script kiddies wouldn't seem so annoying.

MailStudio of the Future

Even though it seems like a simple task, implementing a web-based e-mail server is complicated due to the numerous protocols, standards and platforms. Because of this, 3R concentrated on performing one task simply and doing it well. Much effort was put into making this software run easily, and I think it is a success. I'm not a web type (three cheers for Lynx), and I managed to have it up and running in less than ten minutes.

One strange quality of MailStudio 2000 is that the advertisement 3R sent with it didn't exactly correspond with the features on the server. The reason? MailStudio is still being improved. Now that the base product exists with everything working, 3R can concentrate on improving the features, such as search routines or user management. I have been told by 3R that their later releases will have all sorts of neat things. An on-line demo at http://www.mailstudio.com/ shows the system and demonstrates the current features.

I was definitely impressed with MailStudio 2000's ease of use. While I am concerned about the insecure first pass of user name and password, and the flickering during the first screen load, it seems to be quite resource-minimal. One strange thing I noticed is that all e-mail I receive from MailStudio comes with paragraphs formatted as single lines, which is a bit weird. Still, with web-based products so easy to use, it's not hard to understand how the Web has become so immensely popular and populated. MailStudio is more expensive than I'd like (which means it costs more than Apache), but I suppose if you have the resources to run a web site, perhaps you can afford the price—still, ouch.

MailStudio 2000 is targeted not only at free e-mail providers but at educational and commercial organizations, Internet service providers and government and public institutions. It received five Golden Penguins from TUCOWS and is listed as a Sun Microsystems software solution. You can download a trial version (which supports five users or so) from http://www.3rsoft.com/. It is Y2K compliant (well, wouldn't it be fun to have a product named MailStudio 2000 that wasn't Y2K compatible?) and it just so happens I'm running it successfully from a VArStation in which the BIOS clock thinks it's the year 2036 (though server problems will arise in 2038). If you're looking for a web-based e-mail server for your Linux box, definitely take a look at MailStudio. It's already very neat, and I'm told the next version will be a total web-based e-mail solution.

Jason Kroll (hyena@ssc.com) came to Linux from the world of Commodore 64 and Amiga where he grew up—he likes GNU/Linux so well he's not going back. He has been spotted on the streets of Silicon Seattle handing out Linux CDs to passers-by.

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix