If you’re considering deploying an e-mail server for your organization, you may think that your only option is Microsoft Exchange. But if you need just basic mail service, possibly with calendaring and/or a Web interface, NetMail XE from Novell may be for you. Part of the NetMail product line, NetMail XE works on NT 4 or Windows 2000, and it doesn’t require Directory to be in place for it to work. In this Daily Drill Down, I’ll show you how to install NetMail XE as an alternative to Microsoft Exchange.

Equipment needs

The overhead required for NetMail is fairly minimal when compared to Exchange, so you can run it on a single-processor server with 384 MB of RAM without a problem. Even though NetMail XE comes from Novell, you’re not forced to run it on NetWare. For the purposes of this article, I’ll be implementing NetMail on a Windows 2000 Server. Before installing NetMail, make sure you’ve installed the latest patches on your server. In my case, I used Service Pack 2 and all the patches available for that level.

Installing NetMail XE
If you want to use the Web interface to send and receive e-mail, you should install NetMail on a server that will be doing nothing but that. Unlike Exchange, which you add to the server’s URL to get into the Web interface, NetMail replaces the main starter page so you don’t have to worry about typing anything extra behind the server’s fully qualified domain name.

Start the installation process by inserting the NetMail XE CD into the server’s CD-ROM drive. When the NetMail XE Internet Messaging screen appears, click on the Installation option. The next screen you’ll see will give you the option to install NetMail, the Palm Conduit, or the ActiveSync Provider. Select the Install NetMail option.

A wizard will appear shortly after you’ve selected the NetMail option. Click Next. After reviewing the License Agreement, click Yes. When the Setup Type screen appears, select the Typical option and click Next. When the Start Copying Files screen appears, review the directory that NetMail will be installed to and the options that will be installed with it, and then click Next.

A Setup Status screen will then show the installation’s progress. When the files have been copied from the CD-ROM, the NetMail XE Configuration Utility window will appear. Enter the domain name that your mail server will be handling, as well as the two domain name servers it will use for DNS resolution, and then click OK. When the installation process completes, click Finish.

Configuring NetMail XE
To administer NetMail, click Start | Programs | NetMail XE | Manage NetMail XE. NetMail uses a specialized view of Microsoft’s Management Console, and it does an excellent job of integrating into a Windows 2000 environment. When you use the NetMail XE Administration console, you’ll see the regular screens that you’re used to when creating a user, with the addition of a NetMail XE tab for the user-specific tasks.

NetMail XE also gives you the option to configure or manage the server from a Web browser. The NetMail XE menu has an option called Launch WebAdm Session. If you try to use this option when you first start up the server, you’ll get a Page Could Not Be Displayed error in the Internet Explorer screen that will appear when you connect to the server.

To use this option, you’ll first need to start the NetMail Web Administration service. Although set as a Manual start, you can switch it to Automatic if this will be your normal method of server administration. If you look closely at the properties for the link placed on your NetMail server, you’ll see that it references port 81.

Securing NetMail XE
Before turning the server over to your users, you need to make sure that things are locked down. Go into the WebAdm interface, click the NetMail XE Server link, and then click Features. Make sure that the Prevent Relaying option is checked. This will require that users authenticate to the server before sending mail.

The next option involves enabling the server to use what are known as Realtime Blackhole lists. Blackhole lists, such as those listed by mail-abuse.org and relays.osirusoft.com, serve as central clearinghouses where you can check to see if an e-mail has been reported as an open relay or spam source. As you’ll see in the documentation, it’s possible to use more than one blacklist site. While this is a good idea, keep in mind that referencing more sites could delay NetMail in handling incoming e-mail from other sources. You don’t have to activate this feature right away, but you should have it in place as soon as you can.

Antivirus protection
It’s also important to have antivirus protection, not only to protect the files on the server but also to be able to check messages coming in and going out of NetMail to make sure they’re not infected. Normally, this would take two products—one to scan the files on the server, and another to check incoming and outbound SMTP messages. NetMail supports McAfee NetShield, CA’s InoculateIT, and Symantec’s Carrier product.

I’ll use McAfee’s NetShield product as my example. After installing McAfee NetShield, enter the drive letter and path to the signature files in the WebAdm screen. Since NetShield will use hooks or API calls into the McAfee antivirus engine to scan e-mail messages, you should configure McAfee itself not to scan the directory structure used by NetMail to store and route the messages. It’s possible that an antivirus package and NetShield trying to scan e-mail at the same time could cause the e-mail in question to become corrupted, or cause other avoidable problems with NetMail.

There’s a quick and easy test to let you know that everything is working as it should. Go to EICAR and download one of several test files. These are benign files that will trip an alert when a test virus has been found—which is definitely better than playing with the real thing. E-mail the test file from an outside account. When NetMail XE finds the “virus,” it will return the e-mail to the sender with a warning that a virus has been found and send a message to the intended recipient informing them that someone has tried to e-mail them a message or file with an infected attachment. It’s a good idea to go through this process periodically to make sure that the antivirus portion of NetMail is doing what it’s supposed to do.

When using either the Web interface or a POP/SMTP client with NetMail XE, you should be aware that your logon ID and password are passing over the Internet in the clear, so anyone with a network protocol analyzer can see them. The more users you have, the more problematic this can be. Just as bad, if not worse, is the fact that you’ll also be downloading e-mail to the workstation you’re using in the clear.

One of the options with NetMail XE is to use something call SSL (Secure Sockets Layer). This gives you the ability to encrypt the information between the server and the workstation accessing e-mail. You’ll need to generate a certificate request and then submit the request to a recognized certificate authority (CA). Once you receive the certificate back from the CA, you can install it and force the use of SSL.

Which client to use?
One of the strong points of NetMail is that you aren’t required to use any particular client. The only choice you need to make is whether to use POP/SMTP, IMAP, or the Web interface. The manual that you can print out for NetMail details how to configure Eudora, Novell GroupWise, Netscape Messenger, Outlook Express, Outlook 2000, Outlook 2002, and Pine. You’re not limited to those clients, however. As long as what you have is RFC compliant with the POP3, SMTP, and IMAP standards, you should be able use just about anything at hand.

Getting under the hood
Administrators of Novell’s other e-mail solution, GroupWise, faced problems when debugging problems with sending or receiving mail. Finding the file path and directory structure of GroupWise can be frustrating, but Novell has made changes with NetMail. Appendix A in the NetMail manual goes into great detail on the directory structure, how the messages are stored, how to turn up the logging, and, most importantly, all of the registry changes that NetMail XE puts in during installation and what they mean.

The directory structure use by NetMail is easy to follow and far simpler to deal with than that of GroupWise. The manual goes into detail on how to decipher the headers in the messages to help you to trace what’s going on.

Who needs Exchange?
Although NetMail is positioned as an entry-level e-mail system, it’s one that can get the job done for large organizations. You don’t have to get fancy with the hardware to put up a mail server. It’s a great solution for an organization that needs a basic mail server without all the extras that come with Exchange.