hMailServer – Free Open Source E-mail Server for Microsoft Windows

As a server administrator, I have to make sure that I use software that is both sound (security wise) and performs optimally for my users (doesn’t randomly crash, not slow to work, etc.)

Now I know many people have their own ideas of what software to use and what works for them, but in this blog post I am going to give a quick, brief overview of a e-mail server software that I have been using for a long time…called hMailServer.

Now hMailServer is not your “answer to everything” in regards to e-mail hosting, but it is a light-weight, secure (I have never known to be hacked; also, it has almost no security problems to speak of), and performs adequately.

Some of the features of hMailServer are as follows:

  •  1)  Easy Installation and Configuration

Installing hMailServer (with the SQL-Lite database option *) takes almost no time at all. Total install time for me is under one minute. Configuring hMailServer takes a little bit of time, but with a GUI (Graphical User Interface) available for server administrators to take advantage of, configuration is a snap! (think:  no manual editing of text files on a computer terminal!)

* If you are configuring hMailServer to use a MySQL or Microsoft SQL database, it will take a little bit more time to setup this configuration. However, the MySQL / Microsoft SQL database configuration is accomplished using a GUI for ease of setup.

  • 2) Great Security

hMailServer provides great security for the server administrator.

This includes:

  • A)  Virtual E-mail Addresses

This is good since the e-mail users don’t have actual user accounts on the server. They just have “pretend” (virtual) user accounts. This helps with keeping the server safe from intruders since the e-mail users don’t really have access to the server. They just have access to their own e-mail account(s).

  • B)  SMTP Relay Protection

Prevents people from using your server as a e-mail relay without prior authorization.

  • C)  Built-in “firewall”

You can control what the outside would can or cannot do with your e-mail server. This helps especially when you have backup mail servers that need direct access to your main e-mail server without having to bother authenticating first, or you have computers in your network or VPN that need direct access without first authenticating.

  • D)  Anti-Virus Scanner Integration

You can have hMailServer transfer received e-mails to an anti-virus scanner to check for viruses in the e-mail.

  • E)  Built-in Blacklist

You can access blacklist DNS servers to help with combating SPAM. This helps catch a lot of SPAM!

  • 3)  Integration with OS and other Software

hMailServer has a COM library which gives server administrators the ability to write scripts and integrate hMailServer into their current IT infrastructure.

  • 4)  Other Interesting Features
    • Includes a POP3, IMAP, and SMTP server all in the same program (saves time setting up by having all three servers in one software program)
    • Built-in backup and restore system
    • SSL  /  TLS  support
    • Integration support for SpamAssassin (a very popular anti-spam software program)
    • Built-in routing support
    • Built-in MX (mail server) backup support
    • Built-in Multi-homing support

As you can see, hMailServer is a very good e-mail software that has the potential to work for many people in many different environments.

Now am I saying that hMailServer is the best e-mail server to use, and that you should get rid of the software you are using in production and switch to hMailServer? Of course not! However, I would recommend for you to at least try out hMailServer (e.g., on a Windows virtual machine that is *not* being used for production) and see if it meets your needs.

hMailServer Homepage:  https://www.hmailserver.com/


Posted in Internet and Servers, Software

Arrogance Amongst Certain Linux Users

In this blog post I am going to talk about something that has been a pet peeve of mine for a long time about several people in the Linux community. I want to be clear, I am not anti-opensource (I make use of open-source software every day), nor am I anti-Linux (I am both a Windows and Linux administrator myself and really like Linux on my phone (Android).

Many times, I have read and responded to various Linux users online who have come off as arrogant and think they know everything about operating systems “just because they use Linux”.  Of course, I do not claim to know everything about operating systems myself (there are many more people who know more than I do).

This blog post is not meant to be an attack against Linux users (because, of course, not all Linux users are this way). I am just sharing one of many not-so-great experiences I have had with various people who have used Linux.

Summery of what happened:

  1. A while back, I made a comment on a tech website. In a nutshell, I said “using Linux did not mean that you are completely secure from malware infesting your Linux box”. This is a valid statement. I did not bash or hate on Linux. I enjoy using Linux.
  2. Someone posted a reply to my comment, saying that I had made several wrong points about Linux. He claimed that I said “Windows malware would work on Linux” and I was wrong for saying that.
  3. I responded to him, telling him that his first point he said I was “wrong” about was something that I never said.
  4. I responded – using the bash shell-shocker vulnerability as an example – something being open-source does not mean that it is more secure.
  5. I also responded asking him to show me the points that I got “wrong”, since he didn’t give any valid points. All were just his opinions or straw-man arguments.
  6. He responded back and ignored my question and the issue about putting words into my mouth. He just wanted to talk about how Linux is still secure because people “fix vulnerabilities quickly” for Linux. He basically changed the subject.
  7. He also said the ShellShock vulnerability was fixed within two days.
  8. I told him that the bash shell-shocker vulnerability was in fact not completely fixed in two days. It took a little bit longer.
  9. Now the guy does not respond back.

The bug did not have an official fix until 24 September 2014 (the date when the fix was released to the public). The fix came out almost two weeks after the initial discovery.

Now of course I don’t hate the guy, but what he did was just another example of the problems I have encountered with the Linux community.

He started a technical discussion about a comment I made to someone else 3+ months ago, claimed I said things I didn’t say, and presented his personal opinions as verified facts. When he was confronted with evidence to the contrariety, he decided to “sneak out” and not reply anymore.

I know there are good people in the Linux community, but situations like this make me wonder. Also, other people who may be considering Linux will see various attitudes like this and be turned off by that alone. Not a good way to gain users in my opinion.


Posted in Computers, Internet and Servers, Operating Systems, Society, Software

Do You Really Need to Use Antivirus Software?

Pretty much everyone who has used a computer knows what anti-virus software is and what is does. In case you don’t know, anti-virus software basically gives you the potential to know if malware is trying, has tried, or maybe even has successfully infiltrated your computer system.

More and more people are starting to do away with anti-virus software because “they don’t need it”. Well I personally see anti-virus software as a tool…a tool that helps secure a computer system. When someone says that they “don’t need anti-virus software”, I think of the example that I gave to someone a while back on the Internet :

Let’s say you go around telling people that you don’t need to see a doctor to test for cancer, because you do not have cancer, nor will you ever get any. How do you have the potential to know that you do not have cancer, *if* you are not checked by a doctor? How do you know that you will *never* get *any* cancer at all? You don’t!

Your logic would not make sense in that situation because you are assuming something as fact, when *in fact* you are just guessing! The same applies to someone who says that they “don’t need anti-virus software” because they “know that they won’t get any malware” on their computer system or “I know that I am careful, hence I don’t need anti-virus software”. Sorry people but that logic just doesn’t add up!

Also it seems in my experience that many Linux users believe the idea that they won’t get any malware on their Linux systems, or at the very least they “don’t need an anti-virus” program running on their Linux system.

Like I have asked several times before, how can you have the potential to know if you have malware on your Linux system, if you do not run anti-virus software on your Linux desktop / server?

You are just guessing that you will not get any malware. You are even guessing when you say that you do not have malware currently on your Linux system!

Sure Linux has a lot less malware than Windows, but that is no excuse for ignoring security! 🙂

Also, I know that anti-virus software can have (and does have) security problems in of itself. However keep in mind that the companies that write the anti-virus software do update their software to fix security problems, so this is not necessarily a big deal (depends upon your situation).


Posted in Computers, Internet and Servers, Operating Systems, Software

How Good is pfSense?

About six months ago, I started using pfSense (uses FreeBSD) for my main router. I have been very pleased with it and will share a short description of my experiences with it.

Please take note this is not a “how-to” tutorial on installing pfSense. I am just giving my general opinions and experiences with using pfSense.

Install Procedure

The install has two different paths. 1) A quick install, or 2) a more detailed, custom install. I just went ahead and used the quick install. The actual installation took about 3-4 minutes to complete. The process was quick and painless.

Initial Setup

After pfSense installs and reboots, you will have the opportunity to tell pfSense which network card is for your WAN and which network card is for your LAN connections – all basic, routine information a router needs to know.

pfSense will give you the opportunity to setup a VLAN if needed. I had no problems with this part of the setup.

General Router Configuration

You can now access (via a web browser) the newly installed pfSense router using the default local (LAN) IP address pfSense assigned you.

Once in, you will need to modify the router’s basic settings (e.g., WAN settings, LAN settings, etc.). Having your old router configuration with you while setting up your new router helps a lot.

I setup a VPN (using OpenVPN) to my place of work. This has helped a lot in providing a safe and encrypted mechanism to transfer data between home and work.

I also assigned static IP addresses to the different computers at the location.

Powerful Gateway Control

pfSense gives you total control over your firewall’s gateway. For example, let’s say I have the following local networks: 10.x, 11.x, and 12.x Each of these networks are sand-boxed from each other for extra security.

Now let’s say I have computers on the 11.x network that only need to process data locally (e.g., computers that render 3d animated graphics). They have no need to use the Internet at all. All their work is assigned via a local computer.

I can now go to pfSense and tell it not to allow the 11.x network through the Internet gateway. So now I have the 10.x and 12.x networks with Internet, while the 11.x has absolutely no Internet access. This is a very good and effective way to secure important workstations from an outside attack.

I am pretty sure none of the consumer-grade routers you can purchase from your local retailer will have this ability out-of-the-box.

Backup and Restore

pfSense allows you to backup your entire router configuration. You can restore at any time you need to.

Upgrades

pfSense seamlessly upgrades to newer versions, keeping your previous configuration. This is one of the reasons I enjoy using pfSense. No more wasting time fixing configurations due to a system update.

I used to use OpenWRT (a Linux-based router OS) that required a complete reconfiguration, every…single…upgrade (no joke). I about had a heart-attack when I found this out. OpenWRT definitely was not a good fit for me.

Overall Opinion of pfSense

I am very pleased with pfSense. I have had almost zero trouble with it. pfSense handles many Internet connections well, allows for major flexibility in configuring my networks, and works perfectly with SSD drives.

If you want a extremely powerful router, but do not want to shovel out the money to buy a commercial setup, pfSense gives you a really great alternative.

To sum it up, pfSense is a great solution, open source, and available for free. I recommend you try it out for yourself. Click here to go to pfSense’s home webpage.


Posted in Internet and Servers, Operating Systems, Software

‹ Older Posts Newer Posts ›