Earlier today I offered to review messaging / collaboration
platforms. I'm remote to the NYC working groups (Denver, co) so I
cant make it in to the meetings to discuss this face to face.
is a mail calendaring suite that can be run on a
dedicated system or hosted by a provider, such as http://www.highlandsolutions.com/HSZimbra/zimbra-non-profit.php
I did a test installation over an ubuntu 10.0.4 VM, the install took
about 3.5 hours to complete, including the VM OS installation and
updating of the required packages. Using an external LDAP repository
will add time to that. Make sure to review the recommended
platforms here as well (I would not vary from this to avoid
Zimbra requires a dedicated system, must be installed as root. You
will be hard pressed to be able to run anything else on the zimbra
server (per their own documentation). It is not a lightweight
application, its a set of applications. It installs an configures a
"private openldap" instance as well, we can review if extending the
schema of this self-installed openldap instance is feasible. I'm
not sure if you even need to extend the LDAP schema, we can talk
about that as we review the LDAP requirements that were mentioned
previously and re-schedule the discussion.
The considerations with managing/administration of zimbra is one of
maintaining the system, having administration available to deal with
outage/issues etc. If trusted systems administrators are available
to the team (at least a couple) managing and maintaining should not
be to bad after the admin's train themselves up on the software.
If there are not going to be committed resources available for
learning and maintaining this solution, build vs rent becomes a
Failed e mail infrastructure is difficult to deal with, let alone
for an inexperienced admin. It might very well be that we can
solicit zimbra administration skills from the volunteers coming in,
but it is a rare skillset. It is more likely to find generic
linux/unix admins with SMTP/MTA experience. Ongoing backup will
need to be in place with this type of system as well. Bottom line,
you have to ask yourself:
- who is going to be managing/maintaining these services,
- do they have time to dedicate to learning and adminstrating
- are they going to be able to remain an available resource for
the life of the movement, or at least be kind enough to make
sure they thoroughly transition the role before leaving.
This will probably be a 5-10 hour a week commitment across
admin/helpdesk resources between system and user issues per 1000
The following document provides an overview of zimbra
scaling/capacity planning, it performs well on reasonably small
system configuration, but requires fast disk (not internal disk,
SAN) if its going to scale to a large capacity (10,000+ users).
The concept of "protection of the data" on a dedicated host should
be scrutinized as well. Depending on where the host is it can just
become evidence and be seized whole with a warrent; while no one is
walking into google apps and seizing a server, because its services
are spread out over 1000's of servers.
Also the "security" of the stand alone host will be weaker than the
hosted offerings (inherently). You will have to apply linux
hardening to the server to have any shot of preventing a break in
(SELINUX Redhat for example, or a really really good security admin
to harden the system for you). Bottom line, nothing is safe online,
operate with that in mind at all times.
Google apps for non-profit organizations
requires that the
organization have 501(c)(3) status with the IRS. I'm not sure if
this has taken place or is in progress through the legal working
group. If there is a 501(c)(3) that is working with the OWS
movement, it probably would be possible to leverage that
relationship to get things started quickly. You also pick up the
benefit of the other apps within the suite as well. It provides for
up to 3,000 user accounts within the nonprofit organization free, or
discounting if the number is greater than that.
I would also review google app's discussion of "secure e-mail
If the 501(c)(3) is not in place/feasible to leverage from a
supporting group, it might be worth actually soliciting donations
to establish this service for the working groups. IMHO this would
be one of the more secure offerings while avoiding the
headaches/overhead of "trying to build and maintain" yourselves.
SMTP: Simple Mail Transfer Protocol
MTA: Message Transfer Agent
SAN: Storage Area Network
LDAP: Lightweight Directory Access Protocol
IMHO: In my honest opinion
I'm available weekdays up until about noon eastern to discuss
further / demo the installed zimbra instance.
PS greetings from OWS Denver!