My first point is to separate the two goals.

1) Don't host your own email. It's easy to get service from someone (and ISP) who already has all the infrastructure, eg anti-SPAM, anti-hack, anti-virus, in place. I do host my own email and have done since, um, at least 1992 using UUCP, but in any new company that I am involved in, my first task is to outsource email handling one way or another. It's usually pretty cheap too.

2) If you don't know how to host a Web site securely then you should not be managing a bare server with important stuff on it. Get a 'managed' service and don't skimp on the money to try and ensure that you get good tech support. DO NOT PUT/STORE ANYTHING SENSITIVE ON THAT SITE such as credit-card details until you know how to make it safe, and a managed host may never be so if ISP admins can see your data. If you *do* already know how to run a safe bare server (turn off all unnecessary services, minimise the attack surface, apply all security patches and keep up to date) then you can try a dedicated server, but try it on something unimportant to start with.

Don't try and do it all in one go, and on your own.

Rgds

Damon

you get up into around 1,000 hits a day

Personally, I would look at cost versus gains. Equipment costs aside, what is the line going to cost/month? Not that I have one, but I would assume that a T1 is not cheap and you could probably get a quality hosting company for less. Then, of course, there are maintenance costs, labor, and all the other headaches that go with it.

Ask yourself this: if it is easy, why are not more companies doing it? I manage about 30 web sites, own several more, and would not even begin to consider running my own server.

Marshall

Good advice, thank you for that!

I don't intend to go the dedicated server route if I can convince the powers above me to have some sense. It sounds like a minefield that only the most talented tread.

I'll look around for some IMAP services.

Cheers

perhaps your people are interested in this route because they think that this is the done thing

I do remember asking someone many moons ago about how long he had to keep his pc on to proerly host his office website :)

He looked ever so puzzled initially

Something else to consider: power outages. A battery backup is only going to hold so long, and depending on where you are, if you are subject to frequent and, more importantly, long power outages, you might need to get a diesel or natural gas generator. Not only is that a purchase expense, but also operational.

Marshall

Our current webhosts cost £1k a year (about $2k) which is complete robbery in my opinion considering our site isn't on a dedicated server, doesn't offer email nor are they willing to give up ftp access easily (I came in very late on this project when these important decisions had already been made).

This last point makes my blood boil. The organisation decided to go with a third-party web development agency to build a Plone-based CMS and they argue I can upload via the Plone interface so do not need ftp access. The possibility of phph/mysql development would be laughed at.

Anyway, my point is that until next year (when the contract ends) my organisation will stick with these cowboys and most likely purchase in a 3rd party email service based on the useful pointers you've given me.

What kind of price should I be looking at for a decent IMAP service? Also, am I right in thinking (for next year) that I should aiming around the $10-20 a month mark for webhosting our Plone site that will include email, ftp, php/mysql etc. as part of the package? My experience building sites tells me that this is the norm for a half-decent service...

Thanks

$10-20 a month mark for webhosting our Plone site

<laughing hysterically>

Plone is about the slowest, least-efficient thing going. It's elegant. But it eats all your hardware for breakfast, and sits there crying while you desperately go out to the store for more.

I tested it on my AMD X2 test machine on a local Ethernet connection, and the speed was unacceptable.

Not sure what hardware people are using for real websites. Almost certainly requires a caching server in front of it.

There's another reason why you are not going to find cheap webhosting for Plone. It builds on top of Zope, an "application server". Zope runs as an independant application, and I think you normally run several instances of it. Unless the host specifically offers Plone/Zope support, you probbaly need at minimum a VPS and root access to even be able to run it.

Big sites typically run several servers. I'd guess that while you currently don't have a "dedicated server", there are several machines involved in providing service for a number of clients. Instead of having shared use of a single machine, you probably have shared use of a farm of machines.