Reviewing Zimbra Network Editions Email Archiving Capabilities

20 Mar 2021 - sj, tags: archiving, compliance, insights, news, product

What is Zimbra?

Let me quote their own definition from the Zimbra website:

“Zimbra, a Synacor product, is an email and collaboration platform that includes contacts, calendar, tasks, instant messaging and file sharing, plus add-ons such as videoconferencing, document creation and file storage.”

The Zimbra Network edition comes in 2 flavours: Professional Edition and Standard Edition. The Professional Edition offers custom retention policies, litigation hold, email archiving and discovery. In this article we’ll explore Zimbra’s archiving capabilities.

How Zimbra email archiving works

When installing Zimbra you need to enable the archiving component of the MTA. When archiving is configured for an account, eg. alice@aaa.fu then the email is copied to her archive account, eg. alice-20210320@aaa.fu.archive. The default archive account format is ${USER}-${YYYYMMDD}@${DOMAIN}.archive.

Zimbra also checks the Message-ID, and if you sent the very same email (with the same Message-ID) twice or more, then it would discard the additional copies, which is a nice thing.

It’s possible to selectively archive accounts, in fact you need to create an archive account for each user account you want to archive emails for.

When it comes to searching in the archive, you need the Admin Console. Administrators may enter some search criteria, and create a search job. The job puts the matching emails to a folders of the selected user accounts. Optionally the search job may send a notification email to the user. See some nice screenshots at the Zimbra site.

Some disadvantages

No email compression

It’s a given that a regular mail server like postfix that Zimbra uses simply writes the email to disk, and doesn’t compress it. However, a modern email archive compresses emails to save disk space. This alone can save 40-50% of disk space (depending on the given email).

No attachment deduplication

If you sent a pdf document to 5 recipients, then the same pdf file would be stored for all of the 5 recipients, because the archive accounts don’t extract the attachment for storing a single copy only. This inefficiency altogether with the lack of compression means that you’ll need plenty of disk space to provide archiving capabilities. More disk means more IT costs.

No email encryption

Again, a regular mail server like postfix doesn’t encrypt emails. However, a modern archive needs to comply with regulations, and some of them require to encrypt archived emails. You may argue that what’s the point of encrypting emails in the archive accounts if the same emails are not encrypted in the user accounts? You may be right, however, from a compliance point of view, a Zimbra archive is not compliant.

The end user can’t self service himself

Probably this is the most painful. If Alice deleted a few important emails from her mailbox, and she needed to restore them, she couldn’t, because even if she has archiving configured, the Zimbra GUI provides no option for her to do so. So Alice needs to open a support ticket to IT, and ask them to recover her emails. This process is far from optimal. Alice spends some time to create the support ticket. Then IT support processes the request, performs the search based on Alice’s input, then closes the support ticket. Alice receives an email that her IT support ticket has been resolved, and checks her inbox for the missing email. If she’s not happy with the result the whole process starts over. It’s both time consuming and frustrating for both parties.

The ideal solution is to allow Alice searching through her archived emails, and to restore what’s needed on her own. If she’s stuck – though chances are she won’t be with an easy to use archive like Piler enterprise – she can still ask for IT support.

So while it might be well true that Zimbra as a collaboration platform has a low TCO, it’s not the case when it comes to email archiving. .

Lack of appropriate archiving roles

The archive search is possible only using the Admin Console. The problem is that only administrators may login to that area, because it grants administrative capabilities not meant for the average users, not even for HR, Legal, etc. However, usually they would be the people requiring archive search capabilities. But they can’t have it using Zimbra, they also need to ask for IT support. Imagine a large scale ediscovery request with several complex search queries. Or, you’d better not.

On the other hand, a well designed archive supports several roles. Piler enterprise features an auditor role allowing such users to perform searches in any mailbox they need, even a company wide search.

No audit capabilities

When an administrator searches in the Zimbra archive, a search mail record is created. It’s useful if you need to perform the same query again. However, the administrator can delete such record, removing any trail of his actions.

A modern archive records all actions, logins, searches, email views and downloads, etc. and provides a searchable audit record who did when what.

No protection against hardware issues

Since Zimbra stores the archived emails on the same machine where the regular accounts are, if you have any issue with the Zimbra host, you are cut from your archived emails as well. It also violates the 3-2-1 data backup principle. By default even the regular backups are created on the same host, though it’s possible to mount an external drive to /opt/zimbra/backup directory.

The recommended approach is to have a separate host (either physical or virtual, or even in the cloud) running the archive. Then anything happens with the Zimbra host, you can still access your emails in the archive while IT is working on recovering the Zimbra host.

Can you justify the extra cost of Zimbra’s email archiving?

So far we have seen how Zimbra archives emails, and some of its weak points. At the end of the day it always boils down to how much value I get for my money. In other words, is it worth the higher cost associated with the archiving feature offered by the Professional edition or is it more reasonable to have a third party email archive?

The following numbers are estimated based on a quote from Zimbra. There’s a (roughly) 0.2-0.3 EUR / account / month extra cost to have the archiving feature. The exact number depends on the user count. For 100 users it’s ~30 EUR/mo (360 EUR/year), for 1,000 users it’s roughly ~200 EUR/mo (2400 EUR/year).

Let’s compare these numbers with Piler enterprise. The no-tenant license fee for 100 users is 840 EUR for the first year, and 210 EUR/year starting from the 2nd year. For 1,000 users, the license fee is also 840 EUR for the 1st year, and 210 EUR/year from the 2nd year. The more users you have the greater Piler’s cost advantage is.

The multitenant, service provider edition of Piler enterprise costs 83 EUR/mo/server (1000 EUR/year/server). The pricing is based on the number of servers you have, not on the user count. See the pricing page for more.

The Zimbra website features a success story of Oceano, a company with 700 users, claiming that with Zimbra “our costs have dropped dramatically, from 3.30 euros per mailbox per month to 1.22 euros. This decrease takes into account the costs for licenses, hardware, maintenance and energy consumption.“i

Well, using piler enterprise they could have cut even lower their costs.

Conclusion

Zimbra is a nice email and collaboration platform, however it has lacks features even the most basic email archiving product provides such as email compression, deduplication, encryption, roles, auditing, and self service capabilities for users just to name a few.

It’s recommended to use a third party product if you need email archiving. I’ll show you how to archive Zimbra’s emails using Piler enterprise in the next article.