April 23, 2021

Joys of corporate life: outsourced Office365

So, about 10 years ago, I started out as a contractor with a local industrial automation company, helping them integrate energy meters into various energy management systems.

Back then, they had an in-house self-managed corporate email system built on Microsoft Small Business Server. It worked, mostly, but had the annoyance of being a pariah regarding Internet standards… begrudgingly speaking SMTP to the outside world and mangling RFC822 messaging left, right and centre any chance it got. Ohh, and if you didn’t use its sister product, Microsoft Outlook, you weren’t invited!

Thankfully, as a contractor, I was largely insulated from that horror of a mail system… I had my own, running postfix + dovecot. That worked. Flawlessly for my needs. Emails were stored in the Maildir format, so back-ups were easy, if I couldn’t find something over IMAP, an ssh into the server was all I needed to unleash grep on the mailstore. Prior to this, I’ve used various combinations of Sendmail, Qmail, qpsmtpd for MTA and uw-imapd, Binc IMAP and finally dovecot. I used SpamAssassin for mail filtering, configured the server with a variety of RBLs, and generally enjoyed a largely spam-free and easy life.

A year or two into this arrangement, my workplace’s server had a major meltdown… they apparently had hit some internal limit on the Microsoft server, and on receipt of a few messages, it just crashed. Restore from back-up, all good, then some more incoming emails, down she went. In a hurry for an alternative, they grabbed an old box, loaded it up with an Ubuntu server fork and configured Zarafa groupware which sat atop the postfix MTA.

It was chosen because it was, feature-wise, similar to the Microsoft option. Unfortunately, it was also architecturally similar, with the mailstore being stored in MySQL using a bizarre schema that tried to replicate how Microsoft Exchange stored emails… meaning any header that Zarafa didn’t understand, got stripped… and any character that didn’t fit in the mailstore’s LATIN1 table character set got replaced with ?. Yes Mr. ????????? we’ll be onto that support request right away! One thing that I will say in Zarafa’s defence though, is that they at least supported IMAP (even if their implementation was primitive, it mostly “worked”), and calendaring was accessible using CalDAV.

That was the server I inherited as mail server administrator. We kept it going like that for a couple of years, but over time, the growing pains became evident… we had to move… again. By this stage, we were using Thunderbird as our standard email client, the Lightning extension for calendaring. On the fateful weekend of the 13-14th February, 2016, after a few weeks of research and testing, we moved again; to a combination of postfix, dovecot and SOGo providing calendaring/webmail. Like the server I had at home, email was stored in Maildir mail stores, which meant back-ups were as simple as rsync, selective restoring of a mail folder was easy, we could do public folders. People could use any IMAP compatible mail client: Thunderbird, Outlook, mutt, Apple Mail… whatever floated their boat.

I was quite proactive about the spam/malware situation… there was an extensive blacklist I maintained on that server to keep repeat offenders out. If you used a server at OVH or DigitalOcean for example, your email was not welcome, connections to port 25/tcp were rejected. Anything that did get through and was brought to my attention, I would pass through SpamCop for analysis and reporting, and any repeat offenders got added to the blacklist. I’d have liked to improve on the malware scanning… there are virus scanners that will integrate into Postfix and I was willing to set something up, but obviously needed management to purchase something suitable to do that.

Calendaring worked too… about the only thing that was missing was free-busy information, which definitely has its value, but it was workable. Worst case in my opinion is maybe replace SOGo with something else, but for now, it worked.

Fast forward to March 29th this year. New company has bought up my humble abode… and the big wigs have selected… Microsoft! No consultation. No discussion. The first note I got regarding this was a company-wide email stating we’d be migrating over the Easter long week-end.

I emailed back, pointing out a few concerns. I was willing to give Microsoft a second chance. For my end as an end user, I really only care about one thing: that the server communicates with the software on my computer with agreed “standard” protocols. For email that is IMAP and SMTP. For calendaring that is CalDAV. I really don’t care how it’s implemented, so long as it implements it properly. They do their end of the bargain by speaking an agreed protocol correctly… I’ll do my end by selecting a standards-compliant email/calendar client. All good.

I was assured that yes, it would do this. Specifically, I was shown this page as evidence. Okay, I thought, let’s see how it goes. Small Business Server was from 2003… surely Microsoft has learned something in 18 years. They’ve been a lot more open about things, adopting support for OpenDocument in Office, working with Novell on .NET, ditching Visual SourceSafe and embracing git so much so they acquired GitHub… surely things have improved.

Tuesday, 6th April, we entered a new world. A world where public folders were gone. A world with no calendaring. I’m guessing the powers that be have decided I do not need to see public folders, after all, RFC2342 has been around since the 90s… and even has people from Microsoft working on it! It’s possible they’re still migrating them from the old server, but 3 weeks seems a stretch.

Fine, I can live without public folders for now. Gone are the days where I interacted with customers on a regular basis and thus needed to file correspondence. The only mail folder I had much to do with of late was a public folder called Junk Mail which I used to monitor for spam to report and train the spam filter with.

Calendaring, I’ll admit I don’t use much… but to date, I have no CalDAV URI to configure my client with. I did some digging this morning. Initial investigations suggest that Microsoft still lives in the past. Best they can offer is a “look-but-not-touch” export. Useless.

But wait, there’s a web client! Yeah great… let’s cram it all in a web browser. I have to deal with Slack and its ugly bloat because voice chat doesn’t work in anything else. Then there’s the thorny issue of web-based email and why I think that is a bad idea. No, just because a web client works for you, or a particular brand desktop client works for you, does not mean it will work for everybody.

The frustration from this end right now is that I’m trapped with nowhere to go. I’m locked in to supporting myself and Sam (I made a commitment to my dying grandmother that he’d be cared for) for another 10 years at least (who knows how long he’ll live for, he’s 7 now and Emma lived to nearly 18), so suicide isn’t an option right now, nor is simply quitting and living on the savings I have.

Most workplaces seem to be infected with this groupware-malware, so switching isn’t a viable option either. Office365 apparently has a REST API, so maybe that’s the next point of call: see if I can write a proxy to bolt-on such an interface.