I’ve been using Mail-in-a-Box for over 2 years now and have been happy with it, even though there have been a few issues. Now as my company grows, it becomes harder to maintain the box, and I have been wondering if it might be worth moving to something like Google Workspace or Microsoft Office/Outlook.
First, the problems I face, and perhaps if I can deal with them better, I won’t have to move away.
My setup: A t3a-small on AWS, along with EFS for ownCloud, and an elastic IP for reverse DNS
Microsoft blocks my emails coz of the IP, and AWS support doesn’t do anything about it (They ask to post in the forums or contact Microsoft)
Upgrades are scary, as twice, post-upgrade the users were not able to log in. (Needed to create new users and move the data across)
Nextcloud/ownCloud with EFS for storage is slow (but way cheaper than using block storage)
Syncing calendar events is a pain
One reason to move to Google, rather than any other, is the fact that 90% of candidates I’ve interviewed, and all employees, and our clients have used Gmail. In fact, most of our clients prefer Google Docs for collaboration. As much as I dislike Google, they seem to be the choice for the masses.
Second, my worries about moving away.
Syncing the data (both emails and files) to the new service provider
DNSSEC (I believe I just need to turn this off for a week or two before switching over)
Has anyone here ever migrated to Google and can guide/advise me on the process?
Would I lose anything other than maybe user credentials?
I could type essays here, but to keep it shorter, it appears you may be using MiaB other than how MiaB is intended to be used.
The Nextcloud in MiaB is just for CalDAV/CardDAV services. If you are needing to make full use of Nextcloud, a dedicated Nextcloud server is likely a better solution.
AWS makes things far more complex than using a hosted VPS solution, such as Vultr, Linode, and other similar providers (note DO seems to have extreme IP reputation issues). Probably what you calculate for labor cost to monitor and occasionally increase the size of the attached storage would be far less than the headache of dealing with AWS. MiaB on AWS seems to be for people who for years have been daily living in AWS. Even people who are reasonably familiar with AWS post for help with MiaB due to AWS-generated issues on a somewhat regular basis.
Depending on your size and needs, while MiaB discussion forums may not be the best place to post this, it may be better if you lay out everything you are trying to accomplish and evaluate against feedback for using different self-managed options.
To me, while Google and Microsoft appear to offer convenience, they also can lock you out of everything via some automated watchdog service and for no apparent reason. I follow Hacker News and technology company owners and executives posting directly to HN community about being spontaneously locked out of all of their corporate infrastructure is frequent enough that I would not place my eggs in that basket, but YMMV.
In the grand scheme of things, training employees to use the vast majority of tools is usually not a significant factor, assuming these are not high-turnover positions.
Choosing to use Google and Microsoft will mean ever-increasing costs, plus the headache of ever-increasing requirements to implement their proprietary tools. Systems interoperability and portability are their enemy, and they only use these to meet minimum market forces requiring them. Using their service means that much fewer alternative services being developed and maintained, and comparing prices today with the past (Google Apps was originally free for <50 users and Gmail was originally unlimited storage) supports the claim that their ever increasing market share results in ever increasing prices.
For migration away from MiaB, the biggest issue will likely be MTA-STS, as the records are cached for a week by remote servers. This can be mitigated with custom records on MiaB prior to planned migration.
I really can’t answer your underlying question – should you migrate to Google Workspace? Only you can actually determine your needs and budget. But may I ask a few questions to determine your actual usage, and potentially suggest alternatives?
How many employees / users are you hosting on the box? How large is your data? Mail and NC each individually. How have you configured your document root for MiaB? (I admit that I am not familiar with EFS) Or, are you running a separate NextCloud instance? I am also curious, if you’d be willing to share, what AWS costs for their services as their price chart requires someone with a PhD in Mathematics to make any sense of, and that person I am not.
My first thought is that AWS is indeed a part of the problem. You have mentioned several reasons already. Let me just address things point by point.
This is actually manageable, though still problematic. See the guides section for a comprehensive guide to managing M$.
Definitely concerning - I would have loved to see the issue real time to determine the cause. But fortunately it is very simple to recover from, thankfully.
Yeah, I don’t think that I’d go that route personally. I have a favored provider who offers large “block” storage very inexpensively, and it is as fast as SSD.
Admittedly, I am not a calendar user … how is it a pain? Is it just that NC is clunky in handling calendars itself?
Yeah, everyone just uses Google. Which stifles innovation and competition. That and they work fine until they don’t. You can tell that I am not a fan.
Email is not difficult, the tool IMAPSYNC works amazingly well.
For your files, it depends upon what tools the option you choose makes available. More than likely your users will have to migrate their own files.
Yes, absolutely … and be sure to address your MTA-STS policy as you will have no email for a week if you do not get it right.
I haven’t so can’t help you there, sorry.
Have you considered having someone host your MiaB instance for you to eliminate those issues? It seems that you’d be more comfortable having someone to deal with these issues when and if they come up.
I am also a bit concerned about your NextCloud usage. Are you using the MiaB version, or have you a separate NC instance running? Your performance issues may be because you are trying to use NC for more than the implementation at MiaB is designed for.
You expressed concerns about DNSSEC and I am under the impression that you are running your MiaB using your company’s actual domain name. There are several reasons that I would suggest against that. This is a complete discussion for another time, but if you are using MiaB in a production environment for a business that relies on it to be absolutely reliable, I would run the server on a different domain and also either have DNS set up with a secondary provider, at a minimum, or host it elsewhere. Your entire company’s internet presence may be using a single point of failure. I would certainly change habits going forward if this is the case.
I do offer managed hosting for MiaB as well as several other services including offsite backup, secondary DNS, SMTP relay for deliverability, etc. If you’d be interested in discussing further, please feel free to PM me or reach out on the MiaB Slack.
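Added example, not part of any post in this thread: a small Python check for the MTA-STS concern raised in the two replies above. It parses a policy body in the RFC 8461 format, reports which new MX hosts a sender still holding the cached policy would refuse, and computes the worst-case time until every cached copy has expired. The sample policy and all hostnames are constructed; nothing is fetched over the network.

```python
from datetime import timedelta

# Constructed sample policy (not taken from the thread); max_age of 604800 s
# corresponds to the one-week cache lifetime mentioned in the posts.
SAMPLE_POLICY = """version: STSv1
mode: enforce
mx: mail.example.com
max_age: 604800
"""

def parse_policy(text):
    """Parse an RFC 8461 policy body into a dict; the 'mx' key may repeat."""
    policy = {"mx": []}
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "mx":
            policy["mx"].append(value.lower())
        elif key == "max_age":
            policy["max_age"] = int(value)
        else:
            policy[key] = value
    if policy.get("version") != "STSv1" or "max_age" not in policy:
        raise ValueError("not a valid STSv1 policy")
    return policy

def mx_matches(host, pattern):
    """RFC 8461 matching: a leading '*.' stands for exactly one label."""
    host, pattern = host.lower().rstrip("."), pattern.lower().rstrip(".")
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return host == pattern

def rejected_mx(policy, new_mx_hosts):
    """New MX hosts that a sender holding this cached policy would refuse."""
    if policy.get("mode") != "enforce":
        return []
    return [h for h in new_mx_hosts
            if not any(mx_matches(h, p) for p in policy["mx"])]

def earliest_safe_cutover(policy, relaxed_at):
    """Worst case: a sender cached the old policy just before it was relaxed."""
    return relaxed_at + timedelta(seconds=policy["max_age"])
```

Run it against the policy currently published for the domain: if `rejected_mx` is non-empty, the policy has to be relaxed or extended first, and the MX change should wait until `earliest_safe_cutover`.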
Thanks! It might make sense for me to try moving to Vultr or Linode.
Ever-increasing costs was the main reason to not go with one of the big players. And yes, training employees is not a major issue, but it is quite likely we will use MiaB for email, Nextcloud (probably hosted separately) for the cloud and internal collaboration, while we use Google Docs for external stuff.
Even if I want to move to Vultr/Linode it’ll be a similar process, right?
Change the MTA-STS
Dump all the data / backup
Copy all the data to the new infrastructure (restore backup with the key)
So far about 8 users, but should go up to about 12-15 in the coming months.
Right now it’s quite small with mail at about 2GB, and NC at about 5GB
It’s the default, so all the user data is in /home/user-data/. At some point, we had some large files (1GB+ each) on NC, which of course made MiaB status check warn about low disk space. This made me realize we could easily fill the disk, leaving no space for emails, so it was better to have NC on a separate unlimited disk (EFS kinda acts like this as we have around 8EB of free space), so the NC data was moved to EFS with soft links from /home/user-data/ to /efs/... for the appropriate directories.
I’m running the NC instance that comes with MiaB itself, as it felt like a nice little bonus not having to worry about the cloud space/calendar/contacts separately.
As far as the costs for AWS are concerned, it’s approximately $11/month for just all this (this is a rough estimate as my actual invoice includes loads of other stuff). Of course, this is way cheaper than paying Google $10/user/month, even if I do bump up disk space or CPU.
This was actually the first thing I tried and all I got back from MS was the entire block of IPs was banned and they need the service provider to get in touch with them directly. Of course, AWS didn’t help.
Will switch back but keep it separate from the emails. This should hopefully improve performance.
Probably due to my setup of using EFS for storage. The calendar in the browser is slow and clunky, taking ~20 seconds to load data for a single month. Adding events via the browser, they won’t show up on any device for a few days (even when manually synced). On the other hand, if I add something via my phone calendar, it’ll show up on the browser ASAP. I’ve tried a few apps and currently use OpenSync (for calendar and contacts) and Nextcloud (for files) for my Android, and Nextcloud Desktop for my Ubuntu. Both of which have this delay. The file sync is still pretty good. Just the calendar that’s a pain.
Me neither, which is probably why I made a post hoping someone would convince me not to move to them.
It is the MiaB version
The box itself is mail.<company>.com but the emails are all @<company>.com. Is this what is bad?
I really would like it to remain as such rather than something like @<company>mail.com
For now, I’ll replace EFS with proper block storage and see if it improves my NC performance. If not, move it to a separate instance.
If there are still issues I’ll try moving to Vultr/Linode as suggested by @openletter.
Lastly, try to resolve the MS issue which luckily enough hasn’t been a big problem so far.
I happen to use Vultr, but my actual opinion is whichever ISP works for you is the one you should use. My point was to use an ISP that offers the more traditional hosted VPS instead of the proprietary ISPs such as AWS.
Migrating MiaB to a different server is fairly straightforward as you are basically restoring the automated backup, so the DNS records remain largely the same (meaning no need to worry about MTA-STS).
See here:
Generally, it is better to have a domain dedicated to the mail server, itself (e.g., if your company domain is example.com, the mail server could be example.net). This does not impact the domain used in email addresses, but does impact other things, particularly using MiaB as it was intended to be used by having the automated scripts manage the mail server and email-related records while leaving you free to use a name server other than MiaB for your domain.
I have created a low cost SMTP relay which addresses this problem with M$ and Goofle (and Verizon) quite nicely. For more details you can check my website at if the situation becomes unbearable.
Oh and one parting reminder if you do migrate from AWS - don’t forget to turn DNSSEC off at least 48 hours in advance of the migration.
On that subject … in the case that you have to register a new domain for that purpose, I am going to recommend using GANDI as the registrar for one simple reason – they provide secondary DNS service free for their domains and it is the absolutely easiest of ANY to set up.
I have found that OVH offers the cheapest domain name *.ovh for £1.91 incl. VAT for first year and then £3.58 VAT incl. per year for MIAB main domain name …if that helps.
Cheaper is rarely better. Especially when it comes to domains for email.
Many, many ISPs consider the newer very inexpensive gTLDs to be magnets for spammers and treat those domains accordingly.
I ALWAYS recommend that the domain that hosts critical infrastructure be one of the well known, established TLDs namely: .com .net .org .info .us or your country’s ccTLD.
I’m not sure if you need to move. Have you tried an email relay service? We move clients over to Nextcloud and often use Mail-in-a-Box with an email relay and don’t typically have any problems.