Sharepoints: Apple’s Mail Service Ages Well in Jaguar
24 September 2002
It’s hard not to like Mac OS X Server 10.2, aka Jaguar. Apple has clearly put a lot of thought and effort into the upgrade. One of the most interesting and potentially significant upgrades is to Apple Mail Service. Apple has improved their mail transport agent on virtually every front—but does the new Mail Service compare to its Open Source competitors?
Ultimately, the answer will depend on how you use e-mail on your Server. Apple Mail Server 10.2 (AMS) is a huge improvement over AMS 10.1.x, which we recommended be immediately turned off in favor of an Open Source mail transport agent like Exim or Postfix. Apple has addressed the problem of spam more directly with AMS 10.2. This fact is immediately apparent when you open Server Settings to Mail Service and click on the Configure Host Settings menu item. AMS 10.2 explicitly asks you to delineate the hosts for which it will permit relaying; by default, localhost (127.0.0.1) and your Server’s IP addresses are listed, and none others. You have to explicitly add new hosts, which you can do by specifying an IP address, fully-qualified domain name, or CIDR range. AMS continues to offer support for DNSBL-based filtering, and has wisely shifted from defaulting to MAPS' DNSBL.
AMS 10.2 supports multiple domains, more or less. If you have two users, johndoe@host1 and janebear@host2, AMS makes no correllation between domains and will gladly deliver mail to johndoe@host2 and janebear@host1.
Amusingly, if you have “Require authenticated SMTP” enabled in the SMTP options window in Server Settings, incoming mail will be rejected with a 503 error code unless the originating SMTP server first authenticates as a local user. As you can imagine, this is rather problematic as it affects external SMTP servers as well as internal users.
AMS is much more savvy when it comes to working with other MTAs, like Exim, Postfix and Sendmail. You can now explicitly tell AMS to use a UNIX mail transfer agent, which will subsequently be used for incoming and outgoing SMTP traffic. You may need to restart your Server, however, as we discovered AMS did not recover well when switching from Postfix to AMS. AMS also requires a totally different set of permissions on its mail store than Open Source MTAs, so if you specify the “alternative mail store” of /var/mail you will have to manage permissions on that directory yourself.
Apple is clear in the Server manual (which you must download from Apple’s site, or pay $60.00 USD to get printed) that AMS is not suited for use in complex setups like those involving mailing lists, though it is not at all clear from the Server applications that this is the case. Something more immediate and accessible would be welcome. Lastly, there is an important caveat for anyone considering switching from or to AMS: its mail storage methodology is completely incompatible with other MTAs, so make sure to backup your mail before making the switch. This is particularly important if you were using procmail to sort and filter mail.
One really cool new thing about AMS is its support for quotas. They are a great way to keep unruly users from hogging disk space, and are not easily replicable in other MTAs.
All in all, if your mail situation is pretty straightforward and doesn’t require server-side filtering, advanced spam deterrance or add-ons like mailing lists, AMS 10.2 is definitely a viable solution. We can’t wait to see what’s coming next!