Mozilla and Google — Exchange Killers At Last?

phase_9 writes "The latest version of Mozilla Thunderbird may still only be in beta but already the user community have started creating an extensive set of viable Exchange killers. One such example is the latest mashup between Thunderbird and Google Calendars, providing bi-directional syncing of calendar information from both the client and internet. How long will it be before open-source software can provide a complete, accessible office suite for a fraction of the cost that Microsoft current imposes?"

$PRODUCT killers is a continuum

[davidwr]

One end of the continuum, I'll call "type 1:"
Replaces important functionality of the product

The other end, I'll call "type 2:"
Replaces the product

Type 2 means among other things your users won't notice any functional differences and the new product can read and write the old product's files perfectly and/or there is a perfect two-way file-translator available.

Type 2 is rare unless the product is designed around an open specification. For example, some implementations of "gzip" or "cat" are type-2 replacements of each other.

nope

[dAzED1]

Until my boss can set appointments on my calendar for me, and until anyone in my company can view my calendar (but not anyone outside my company...), I'll still (unfortunately) be forced to have a PC running whose only purpose is to run outlook.

Please don't flame me ...

[Anonymous Coward]

Once upon a time Lotus Notes was available for Unix. It did all the stuff tfa talks about. (I realize that lots of people don't like Lotus Notes and thereby I don my flameproof suit) What would it take to get IBM to open source Lotus Notes? I haven't used it in ten years but my rememberance of it was that it could do amazing things. Certainly if it were open sourced we wouldn't have to worry about whether Mozilla could produce something with the capabilities of Microsoft's products.

Re:Evolution???

[flyingfsck]

Hmm, I have found that Evolution works better with Exchange than Outlook...

Google is open source?

[djlurch]

Although much beloved here at Slashdot, Google is not open source. They are a private, for-profit corporation that happens to have some free APIs. Putting Google and Mozilla in the same category is disingenuous.

Re:It's not going to happen

[Anonymous Coward]

That's exactly our University's position as well. We'd LOVE to be able to provide an open calendar that can be used by staff and students alike but we won't be relying on a 3rd party to host everything. Much as I'd love to see Exchange finally gone from our campus it won't happen until we get either an appliance or software that we can host in our data center.

This is all very clever and wonderful

[goldcd]

but until stuff syncs with Outlook, it has no change of defeating it.
I'm not a huge fan of MS, but it's nice that external people can send you stuff (as they use Outlook) and it'll appear in your company outlook calendar.
Sooo if you want to defeat Outlook you've got to produce something that replicates outlook's functionality. I don't care what the other company is using, I just care it works with my outlook (or vica-versa).
Basically my point is we live in an Outlook eco-system. If you want to displace it, then you can't just ignore it and do your own thing (e.g. Mozilla+Google).

Notes

[acvh]

If my employer is any indication, Notes is still a big source of revenue for IBM, so I can't see them giving that up. My guess is that there is also a good deal of code in there with various copyright owners.

And of course, Lotus Notes is what software would be like if it was written by Satan.

There ARE options, and it's not openXchange

[Anonymous Coward]

You should look at Zimbra. They are a new company working on solving just this problem. It's pretty damn good too. www.zimbra.com We've installed and tested it and with the ability to support both pop and webmail clients, it's a pretty good choice. The calendaring is also very close to exchange and it even syncs with iCal and other non-MS calendaring systems. They have some huge Fortune 500 clients too... I think they have some extensive demos on their website.

Alternative open-source solution

[digitalderbs]

As a few have already stated, this is a good idea for a single user, but it may be tricky for collaborative scheduling.

Another opensource solution that has piqued my interest is zimbra [zimbra.com], which includes collaborative e-mail, scheduling and many other groupware functions. All the functions work through a web interface as well, but they're now developing zdesktop [zimbra.com] to allow on- and off-line sync/viewing of e-mail, scheduling as so on. It's in alpha, however. There are also programs to use on your mobile [zimbra.com] devices.

I haven't used this system myself, but I'd be interested in any thoughts from sys admins that have successfully (or unsuccessfully) implemented this.

Re:It's not going to happen

[arivanov]

Since when is google calendar and the other google apps lot open source?

There is no open source exchange killer in the offering here. As far as Outlook killers are concerned, Mozilla has been an Outlook killer for a very long time. Even with something as lame as courier Mozilla can easily work over 12G+ IMAP mail folders. Outlook (prior to 2003) caused massive corruption crashes and loss on anything above 2G (after the local cache exceeded 1G).

As far as the usual argument about "want it local", nope I do not. Provided that:

1. Google can offer compliance and logging features for a relatively strict regulatory framework including blanket logging of all emails per domain and retention as per user specified policy. I am aware that exchange does not do that, but there is enough third party software for it (as well as for exim, sendmail, etc). Before that google + mozilla are worthless for corporate use.

2. Gooogle can offer client side certificate based authentication and ssl-enabled protocols for everything. I do not mind google maintaining the CA for that as long as they can.

3. Backup requirements which correspond to 1.

And so on and so fourth. If all of these are complied to, is it local or remote is largely irrelevant. Google has enough datacenters to ensure that the latency is low. In fact, it better be remote. One less item to worry during disaster recovery.

Re:no bloody chance

[rtechie]

One can argue, that if your company can't afford the outlay for a working exchange environment, your company doesn't need it, and it would probably be a waste of time trying to replicate its features.

Until he's proven wrong, this statement is true. There ARE NO free groupware solutions, there never have been, and I'm starting to think there never will be. The support costs are simply to brutal and impassible an issue for the open source community to deal with.

In the distant future there may be a commercial groupware solution based on open source, but it will almost certainly cost as much or more than Exchange.

Re:Notes

[hey!]

The problem with Notes is one of those inexplicable corporate culture things where the same blind spot keeps hitting the company over and over and the company never seems to learn. In this cases it is Lotus' seeming inability to provide an attractive and consistent user interface.

On the other hand, at least the older versions of Notes did a number of things very well (I can't speak to newer ones), including security. However this required more skilled and educated administration. The MS pitch throughout the early to mid 90s on the server end was that you didn't need the kind of expertise you needed to run Notes to run Exchange, or to run Novell to run NT server. The rest, as they say, is history.

Re:Google is open source?

[rtechie]

How would making their server code freely available for use on internal LANs get people to go to Google's sites and watch ads? Think about it.

Google is paranoid about internal security and leaks because what they really have is their own "special sauce", based on open source and commodity hardware, that they can't sell. Google is going to be "hosted only" for the forseeable future, and I for one would never consider an ASP or outside vendor for my groupware server. It's actually ILLEGAL in many US organizations due to Sarbanes-Oxley.

Re:your business E-mail is an open book anyway

[partenon]

The fact that most people get it backward is that they don't care if anybody else read the mail about their last vacations. However company don't like their trade secret being hosted by their competitor.

Trade secrets are serious thing. We are not in a lawless world. If someone takes your trade secret and sells it to your competitor, they get arrested [cnn.com]. If your competitor is as honest as PepsiCo, you have nothing to worry. And actually, most companies prefers to get the market leadership by competency, not by cheating ;-)

But let me ask you... Are you a Google competitor? If so, you don't really have reasons to host on their servers :-)

Re:Careful now. Think this over carefully.

[Creepy Crawler]

---Google has engendered nothing like this. For the love of God YES YES YES I would love for Google and Microsoft to trade places in the marketplace. All I ask is that you MIGHTILY resist the urge that all humans have to be suspicious of anything that grows big, such as Google has.

Anything big is slow to move and is an easy target. Big things usually subtract the human element due to bureaucracy. I would say that big things are generally corrupt, and that would indicate Google too.

---Yes they're a corporation. Yes they're in it for the money. But they manage to do it by embracing technology and providing it to a wider base of users for FREE. They can data mine every second of my life if thats all they ask in return.

I dont know where you live, or what you do for a living, but I'm a 25 year old. At our local mall, there's a door with a company plate on it. It idnt spiffy looking, nor are there windows or anything else. They are a marketing firm. They are the ones that Coca-Cola, Pepsi-Cola and many other companies go to for aggregate and specialized data.

I have participated in a few of these studies (I cannot specify product names.. nda for company name I tested only). I usually am given 10$ worth of goods to test and then do a write up and phone interview for said products.

My average payout for these interviews is ~30$, along with free products, and getting a say on a new product. I KNOW that I'm in a database somewhere and I'm properly compensated for it. When companies come along and want "free information" for "free product", it tells me that what they offer isnt worth it, and my data is worthless.

Word to Google: Tell me how much my information is worth, and Ill pay for information if your product is worth what I deem it to be. Better yet, if they are willing to pay me, I'll list product names and prices and my personal writeups. Not all companies will like what I write.

WebCalendar + Thunderbird/Lightning

[shaitand]

I wouldn't consider giving my data to a third party like Google. Sorry but all my business information is confidential and while Google might be able to have more guards, firewalls, and backups if I give Google information that information has already been compromised by Google.

I already run WebCalendar on my local server and it is an excellent program. But I would like to be able to tie it into lightning for calendar sharing. It doesn't work. First, the stable version of WebCalendar doesn't support publishing. The CVS version supposedly does, but while you can import a calendar into lighting, any changes you make there doesn't get published to WebCalendar. Lightning flashes a little bar, gives no errors but reloading the calendar or logging into webcalendar will show that the new changes were never uploaded.

I've never understood what is so difficult about combining email with a shared calendar. That solution alone would prevent the need to setup new exchange configurations. Most small and medium business only need integrated email and calendaring this leads them to Outlook, then they want to share calendars. That leads them to exchange.

As a developer I can't think of any great challenge involved in this (beyond not having time to write a solution myself). I have trouble believing that with (according to some EU state of FOSS paper) 2,000,000 OSS developers nobody has managed to come up with a solution for this basic fundamental and common need.

I won't even read the comments

[dkone]

I am so sick of this drivel. It is always the same. Someone comes up with some 'solution' that is the perfect "insert you own MS product" that will be killed by open source. Think about it people. If it so good, guess what, MS is going to either steal it or buy it. Look at Hotmail. They are the borg, and I have had too much vodka. enjoy.

DKone

Re:Make a clone instead

[Anonymous Coward]

"An Exchange killer/clone/replacement has been a grail of the free software movement (or at least some parts of it) for the entire 10 years I've been a Linux user."

Yes. The only problem is it has been a "holy grail" only by mounth. You can see yourself by how many people even here doesn't distinguish Outlook from Exchange even with a handbook. All the pretended "exchange-killers" (scalix, openxchange...), are "closed sourced in disguise": they usually are mamoth-like apps with either no proper foundations nor/or proper open community procedures.

"yes, I know about Kolab and use Kontact myself, but how often do you actually see a Kolab server at a company"

Kolab is a very interesting example, and it's not the typical one. It has some good foundations but it has horrid problems too that prevent it to be implemented in real-world scenarios (that's why you haven't seen a single instance of it in production). While the Kolab starting point was a very good one and fullfiled its target (a fast hack for a single client) it is terribly hacker-unfriendly: you can't install but on a server on it's own (due to the horrid choose of a self-servant package database); it uses a heavily-nested template system that not only doesn't leverage but works against any knowledgeable sysadmin; it has quite a lot "hard-wired" constraints that impedes you to integrate it on your current structure (the most obvious example is it's LDAP schema), and I could go on an on. It's important to notice that the real problem with Kolab is not that it's feature-lacking (it's quite good on that respect) but that it is very early-adopter/hacker unfriendly (so you can't see it going anywhere).

"Exchange is very hard to clone and very hard to replace in an environment that uses it."

I don't see it being such a very important problem or at least a very critical one. The "exchange-killer" doesn't need to be an Exchange-clone for the very second reason: it's almost impossible for any non-microsoft service to cleanly cooperate with its microsoft-equivalent. That's valid even for the most perfect and matured "microsoft-clone" overthere which is Samba, so we can forget about it as a lost battle and move on. The "exchange-killer" should be functionaly-wise more or less equivalent to Exchange for a very valid reason: Exchange *does* offer a very valid and usefull feature-list, but it doesn't need to be a bug-by-bug Exchange-clone -it won't work. Even if exchange-dependant companies (that's valid for any other microsoft-based service) are "kipnapped" by that Microsoft-dependency it's their problem at worst: new companies are founded every day that could use new solutions provided they are useful and budget-savvy and gaining a competitive advantage out of it.

"In conclusion, then, a warning to anyone who does not now have Exchange and is thinking of it: don't. You'll be using it forever"

A very valid point; and you can say exactly the same about almost any other Microsoft software: that's the way they make bussiness.

"Look at other open source and closed source products first"

I've done. The problem is that there's nothing currently that can fulfill the Exchange gap nowadays. What's worse, it's very difficult for a truly open product to do it. Even while calendar, meetings, etc. are the most obvious advantages of the Exchange solution there are other benefits out of their office monopoly: with Exchange you can have workflow, templates, etc... only because they know exactly what the client-side is -Ms Office, that's it. Microsoft knows that and it's already exploding it even further with Sharepoint. You just can't have this kind of functionality/integration when you can have client-side Evolution -or Kmail, or Pine, or Squirrelmail; OpenOffice, -or KOffice, or Abiword, or Emacs or... you need a "vertical stack" where everything from client to server is known and developed to work together.

You currently have some "bricks"; some are good, some not as good, but they are probably good startin

Re:It's not going to happen

[Andy Dodd]

"Proprietary information should be stored in whatever place is the best place for it. Criteria that need to be measured include security, accessability, and cost. Most corporations cannot do as well with any of these as a specialist company like Google. Most corporations should not be able to do as well with any of these as Google, since their IT departments are cost centers, not profit centers."
False. You assume that Google's IT department and a corporate IT department have the same goals.

They don't.

Google's business model depends on providing access to their services to people outside of their network, while making sure those people outside of their network only get access to what they are supposed to access.

Corporate network admins, on the other hand, typically give first priority to doing something that Google fundamentally can't without interfering with their business model - prevent outsiders from obtaing ANY access whatsoever to the internal network. This is pretty easy with a proxying firewall. Optionally, after that begin providing access to authorized external users in a controlled and secure manner, such as an IPSec VPN using RSA SecurID tokens for authentication. Google simply can't force all users of their services to go get a SecurID token and VPN in, especially since such VPN systems usually force the client machine into connecting ONLY to the network it is being connected to via VPN.

Their next priority is usually controlling what internal users get access to what, but this is an easier job than "you vs. rest of world". You can usually ensure by methods already in place (Interviews of potential employees, locked doors with badge access and/or combo locks, etc.) that the likelihood of internal users being a skilled cracker is low, although IT departments should still assume that they are. Google can't place men with guns and network monitoring devices (IDS and other sniffers) at every potential user's home to say, "You may be doing something malicious. Stop now."