|S N E A K P R E V I E W|
Sendmail Multi Switch 2.1 Gives Powerful Features a Simple Face
October 30, 2000
By Moshe Bar
About 70 percent of the world's e-mail messages are routed through the Sendmail mail transport agent, according to some estimates. About two years ago, Eric Allman, author of the original, open-source Sendmail, set out to create a commercial version. Sendmail Multi Switch 2.1 includes all the features of Sendmail open-source version 8.10.0 plus some important additions. This version is worth considering for companies rife with Unix gurus and those seeking an MTA (mail transport agent) and a full-featured e-mail administration tool.
Multi Switch 2.1 is essentially version 8.10 with a smart administration console, advanced security features and the multiple queues option. It boasts a Web-based GUI, expanded management capabilities, mail-stream monitoring, and SMTP authentication and encryption. It also supports encrypted administration sessions and TLS (Transport Layer Security) encryption. Multi Switch 2.1 also offers centralized management of multiple MTAs via an administrator console. During my testing, the console proved extremely powerful, yet easy to use. The Multi Switch 2.1 marks a major departure from the original Sendmail. For many mail administrators, the added comfort and safety of configuring Sendmail through the console will be worth the admission price alone. But Allman and company wisely retained the features--or lack thereof--that the die-hard Sendmail gurus live for. Using Multi Switch 2.1, gurus can still tweak their beloved configuration files just as before. Compared with some of the other proprietary MTAs, such as Stalker Software's CommuniGatePro, the Sendmail console is more secure, sophisticated and appealing.
Multi Switch lets you set up and maintain multiple mail-stream queues. This allows for parallelism, especially on SMP (symmetric multiprocessing) servers and clusters. Individual queues can have their own rule sets and configuration peculiarities, and you can make some queues faster or slower than others. The standard open-source version of Sendmail doesn't let you do this.
I tested on a dual Pentium III 900-MHz server with 768 MB of RAM and five disk drives under RAID. This configuration should be big enough for thousands of users. Although the documentation says the product runs under Red Hat Linux 6.0 or 6.1, I decided to be adventurous, and installed and ran it on the new Red Hat 7.0.
The installation is as simple as unzipping a binary file and untarring it. Once you have the exploded contents of the tar file, you have to run an installation script. This script asks for permission to create an administrative superuser and then configures the connection port for the Web-based console. It is obviously up to the diligent administrator to make sure only authorized users and hosts can connect to that port. Installation was surprisingly easy.
The central piece of the Multi Switch family is the common administration console. Using a standard browser and connecting to the secure port of the Multi Switch server, you get a clearly structured, pleasant and easy-to-use interface. The console is where the Sendmail administrator will spend most of his or her time. I first configured two separate mail queues, one for internal and one for external e-mail. You should prioritize the two mail streams differently to balance the mail server for, say, two different bandwidths.
Next I set up two more Sendmail administrators, one allowed only to create/ modify aliases and another to monitor and set up mail queues. In large organizations, there are often more mail administration roles than just "root." The creation of additional mail admin roles is as easy as any of the operations from the console.
Sendmail claims Multi Switch 2.1 can ease the burden of administering more than one mail server. To test this feature, I installed another instance of Multi Switch 2.1 beta 3 on a second mail server--a Pentium 700-MHz, 128-MB RAM Linux box--at a friendly ISP's location. Through a VPN (virtual private network) setup, I connected my Linux machines to create the appearance of a LAN rather than WAN. I was impressed that the Sendmail Multi Switch 2.1 is extremely lightweight, being just barely more resource-intensive than the Sendmail shipped with Red Hat 6.1. The remote system was comfortably able to install and run the software.
Through SSL (Secure Sockets Layer)-type connections, both instances of Multi Switch saw each other, and one could use the console to administer both or more instances. Setting this up was easier than it sounds; just provide the IP address and port of the remote Multi Switch instances on all concerned servers, and--presto--they happily communicate. The powerful TLS security mechanism--Transport Layer Mechanism--secures all communication with remote MTAs. This is especially important in any setup with remote instances of Sendmail Switch. Finally, I set up a mail queue for all outbound e-mails to the Internet on the remote system and all inbound e-mails to be routed to the local server. This kind of configuration might be found in an environment with fast WAN connections and centralized Internet access.
To stress test the system, I wrote a series of simple scripts that loaded the mail server with thousands of e-mail and attachments from various parts of my network. Even at more than 400 e-mails per second, Multi Switch never missed a beat. The product is well-suited for organizations running complex network topologies, which have significant messaging needs.
During another stress test, I used the administrator console to monitor the health of the configuration. I could look at the live streams of e-mail and at the mail queues growing and shrinking dynamically. You also can fine-tune the Multi Switch configuration to adapt for the load level of the operating system and the available bandwidth. You can set up alarms notifying you by e-mail or pager if the load level of the OS has more than three waiting jobs and the mail queue holds more than 100 waiting e-mails, for instance. You could then increase the priority of outgoing e-mails.
The graphical tools in the console make it easy to obtain a global view of your messaging situation. One additional goody is the reporting tool. You can have regular, customizable reports e-mailed to users or managers on nearly any aspect of Multi Switch.
Additionally, you can enable powerful antispam features. An optional Sendmail filter can control and block MIME-type e-mail attachments. You also can set up antispam controls that provide granular control by specific domains, hosts, users, IP addresses and even subject lines. Using the subject-line filter, I decreased my average daily spams from between 60 and 70 to about five or six real spams. I redirected all supposed spams to a directory on the file system through which I regularly ran a grep utility to search for names and subjects I didn't want to miss.
Compared with other commercial MTAs, Multi Switch is expensive. But the powerful feature set and the technical support make the extra bucks worth it.
Moshe Bar is a consultant for Unix- and TCP/IP-based business solutions. He has written books on Linux, file systems and clusters. Send your comments on this article to him at firstname.lastname@example.org.