Email Services

Overview

The central email service is a highly stable, scalable, and centrally administered email collaboration platform based on open standards. The web client is a full-fledged application that integrates email, address book, calendar, and task list. Email services are fully automated in terms of account provisioning and system management cycles, and are highly integrated with other campus computing services, including the authentication service and OpenLDAP (Open Lightweight Directory Access Protocol) service. Additionally, the Microsoft Exchange platform provides the campus community a choice in their messaging system, but interoperates with the central email service via open standards.

Email services should meet both strong security needs and ease of access. Secure email should be an integrated component of general email service that move towards customer-driven functionality while continuing legal compliance around the transmission of electronic  information.  One of the biggest challenges is how to integrate various vendors' products into central email services when they are being moved into cloud-based platforms.

Current State

All Stanford University full SUNet ID users have a default stanford.edu mailbox, supported by Zimbra products. The mailbox can be accessed via the Zimbra webmail client as well as email clients that support POP/IMAP (Post Office Protocol/Internet Message Access Protocol). The mail servers can also forward messages to another email account of the user's choice (e.g., Yahoo, gmail). Virtual email domain service is also supported by IT Services for the departments that wish to use centralized email infrastructure yet to keep departmental domain address.

IT Services is able to horizontally add servers and storage to keep pace with increases in capacity. By using Zimbra's Zimlet technology, IT Services have built custom applications developed to enhancement email service; they include Find Resource (which lets you see the schedules for meeting rooms), Distribution List Scheduler (an easy way to schedule meetings with members of a distribution list), and Stanford News and Events (a university news feed). The Zimbra Outlook connector, a plug-in to Microsoft Outlook, allows clients who are using Outlook (but not connecting to an Exchange Server) to get all the functionality of the Zimbra web client, including the ability to search the Global Address List (GAL).

While actively maintaining and improving the Email and Calendar Services provided by running Zimbra in-house, IT Services, partnering with the university department stake holders, legal office, and 10 other higher-education institutions, has conducted a discovery project to evaluate the benefits of using cloud-based solution to provide email, calendar, and collaboration tool. GSB partnered with IT Services to successfully move their 1500 users to Google Apps on August 2011. Pending legal and accessibility issues yet to be resolved, email and calendar service for undergraduate students will be supplied through Google Apps.

In addition to centralized email services provided by the Zimbra platform, a popular industry email server, Microsoft Exchange, is provided to campus organizations as an optional, fee-based service, but has a similar feature set as the central email service. The central email service and the Microsoft Exchange server are able to interoperate; they are able to transfer email seamlessly and have the same address list based on the master campus registry. Users on either platform can also see the free/busy status of other users.

Some Stanford organizations, including the Land, Buildings & Real Estate (LBRE), have chosen to use the fee-based Microsoft Exchange server platform. Their user base is accustomed to the Microsoft Outlook client and the Microsoft Office suite, which are tightly integrated with Exchange. In addition, some organizations have expanded upon the Exchange service. For example, Office of General Counsel has installed a document management product that leverages Outlook and Exchange. Other groups continue to express interest in using the Stanford Exchange service, and the offering can be expanded as needed for this purpose.

The central email service provides:

  • Anti-malware protection from spam and viruses.
  • Inbound email routing for stanford.edu addresses (forwarding, auto-reply).
  • A load-balance service for failover and high availability; the gateway service has been implemented with load-balancing and failover function, while mailboxes have warm-standby for failover.
  • Email sub-domain support through centrally managed email infrastructure.
  • A centrally managed auto-reply through StanfordYou for stanford.edu addresses.
  • A secure email service through Cisco Iron port product.
  • Authenticated SMTP and enforced transport layer connection through smtp and smtp-roam.
  • The Zimbra mailboxes use encrypted POP and IMAP protocol. Mail access is provided through the Webmail client or other web-based clients, via ActiveSync for mobile phones, including Windows Mobile, iPhone, and Google Android, and Zimbra Outlook Connector for Microsoft Outlook. Mailboxes provide 5 GB email storage for faculty; 3 GB for staff and students, and 1 GB for all other affiliated accounts; more storage can be obtained for a monthly fee through sponsorship.stanford.edu. Backup and restore tools are also available, as are service monitoring tools.

The Microsoft Exchange service provides:

  • Email access through Outlook (cached or online mode), Outlook Web Access (https), Entourage, clients supporting encrypted POP and IMAP protocol, Blackberry, mobile devices supporting ActiveSync.
  • Anti-malware protection from spam and viruses.
  • Email monitoring (to ensure delivery and receipt).
  • Single email and mailbox restoration.

Microsoft Exchange offerings provided by IT Services come in two options. The first includes a mailbox service, where clients pay on a per-mailbox basis, each with its own specific email quota. IT Services also provides Microsoft Exchange servers, where a department or school pays IT Services to run their Exchange servers for them. Additionally, IT Services supports the Microsoft Active Directory infrastructure which includes the Microsoft Exchange "Organization." Schools can run their own Exchange servers and leverage the Stanford Exchange "Organization."

Other types of mail services that IT Services provides the Stanford community are: a bulkmail service for university administration, a mass-mailing tool, group IMAP accounts for shared mailboxes, and a mailing list service.

All Linux systems supporting the central email service are managed under Puppet configuration tools. Most of the operational tasks for central email services are automated, including account lifecycle management, backup, Zimbra server statistics/reports, alerts, and log rotation.

Accounts provisioning to Google Apps requires full SUNet ID service and is integrated with the centralized account management system.

The Windows systems team's existing deployment and support infrastructure is used to automate deployment and management of Microsoft Exchange servers.

Vision

Email has been one of the most important collaboration tools supported by IT infrastructure, but this is likely to change rapidly in next few years.

Gartner analysts expect that greater availability of social networking services, coupled with changing demographics and work styles, will lead 20 percent of employees to use social networks as their business communications hub by 2014.  We need to think of email service in a broader context. It is becoming an integrated part of collaboration tools with instant messaging, voice, content management, and social network tools. Email service is more like an event triggering system that people use to tell others, "Something happened. Go to this place to get it." To fulfill such a 'hub' role, email needs to be accessible easily and securely from anywhere, as well as reliable and fast.

We  will continue to see the need to support hybrid models where some services live on-premises and some are in the cloud. Integration and collaboration among different components of the IT infrastcure and the user community will be a ongoing challenge.

While the current service works well, keeping up with performance, capacity growth, and uptimes demands more and more resources.  Scheduled downtime has allowed for Zimbra software upgrades without overly impacting users, but it will not likely to scale when major work such as storage and Operating system upgrade that has to be done periodically.  The current Zimbra mailbox backup system is not scalable, and a better way to do backup and restore needs to be found. To improve storage and disaster recovery, one approach that IT Services will explore is "snapshot" disk-to-disk backup for Zimbra and develop a recovery process.

Goals

For all email services:

  • Improve performance, failover, and scalability. Alternate storage/disaster recovery solution that allows for easy data recovery.
  • Automate all possible operational tasks; develop tools for the Help Desk to support the email service.

For central email services:

  • Storage upgrade by end of 2011. This helps to reduce disk cost and allow us to increase email quota.
  • ZCS 7.0 upgrade by spring of 2012.
  • Explore 'snapshot' disk-to-disk backup for Zimbra and develop a recovery process.
  • Student email service migration to Google Apps by July 2012.

For Microsoft Exchange services:

  • Closely match the version IT Services runs with Microsoft Exchange release cycle.
  • Provide failover and disaster recovery capability.
  • Ensure scalability to accommodate ever growing demand for bigger mailboxes.
  • Reduce per-mailbox cost.
  • Integrate existing Exchange communities into Exchange Service model.
  • Offer/Deploy eDiscovery feature to targeted user communities.

Roadmap

For central email services:

  • Migrate undergraduate students email to Google Apps.
  • Develop monitoring and reporting tools for services that are provided by Google Apps.
  • Evaluate and choose a solution that can support secure email service in the context of moving email service to cloud-based solution.
  • Evaluate and choose a solution that can support shared group account to replace the current IMAP group service.
  • Develop better Zimbra disaster recovery process.
  • Migrate old storage to new storage for Zimbra to reduce storage cost and be able to add more email quota.
  • Define the expectation for uptime improvements.
  • Design and implement the service to meet the uptime target within budget.
  • Upgrade mailing list service to better hardware, latest OS, and latest software package.
  • Expand mass email self-service for general university administrative accounts.

Microsoft Exchange Services

  • Upgrade to Exchange 2010.
  • Update the database backup process to lower storage usage and costs...and ultimately lower the client rates.
  •  Explore archive mailbox feature to improve the experience for users with large mailboxes.
  • Host databases on low-cost storage.
  • Explore deployment of free Blackberry Enterprise Server Express to reduce cost for Blackberry users.
  • Continue efforts in automation of operational tasks.

Measures of success

  • Increased number of clients with service.
  • Improved uptime and improved level of service availability.
  • Fewer resources required to support service.
  • Higher level of client satisfaction.