On this tab, we can create, remove, and modify accounts. It should be noted that the number of these very accounts is the number of LAN SUITE users (as it has already been mentioned, they determine the license cost). I draw your attention to this issue deliberately, because the number of people/computers, which can for example use LAN SUITE proxy server, even in the free 5-user version, is not limited.

The list of users cannot be empty, you should create at least one account. Besides, if there is just one user, it must have administrative privileges. The name specified in User name will be the email address. For example, on the screenshot we can see a user called nawhi and Default domain: ixbt.com. Thus, the email address of this user is nawhi@ixbt.com. If LAN SUITE users have email addresses at different domains, Default domain can be omitted. And now let's examine the modify user window (called by Add and Properties buttons).

Everything is quite self-explanatory: user name, full name, password. Privileges are assigned by checkboxes: whether the user is an administrator, whether he can send fax messages (LAN SUITE also supports this feature), Internet messages, use the proxy server (these privileges are granted to administrators by default). There may be several administrators — even all users. But mind it that any administrator has access to remote administration of LAN SUITE settings (via web interface) and to the web server directory via FTP with unlimited rights. Of course, if the remote administration and WWW-server options are enabled.

Besides, you can have all unsorted faxes and emails, or all incoming and outgoing messages redirected to this user. Aliases can be specified in the corresponding field, delimited by commas. For example, this user will have the following email addresses (besides nawhi@ixbt.com): postmaster@ixbt.com and webmaster@ixbt.com. You should also specify the maximum size of a mail box, in megabytes. I have plenty of HDD room, so I always specify the maximum size possible (9999 MB).

Concerning aliases: if you read a chapter about LAN SUITE working with external POP3 servers, you will understand how it automatically resolves the possible conflict of matching aliases with real user names in a specified domain. In brief: even if you specify a real email address of another user as one of your aliases, you will just fail to get emails from this address. So your mail just won't be sent to this alias. But this email address will be considered yours in "local" terms (inside LAN SUITE, installed on a given computer). For example: postmaster@ixbt.com is not my address. Thus, I cannot get emails from postmaster@ixbt.com. But if I send an email to myself (from nawhi@ixbt.com to postmaster@ixbt.com), I'll get it. That's because it will not go outside LAN SUITE, installed on my computer.

Configuring connection types

You can easily notice that LAN SUITE can work even with a dial-up connection (in case you choose "Connection — Permanent", all other options on this tab will become unavailable, as they will be not necessary). I must admit that I didn't test how well this program works with dial-up. The reason is simple - I just don't have a modem.

But judging from the options, the configuration is rather flexible. LAN SUITE can satisfy the most frequent needs of dial-up users: it can establish scheduled connections (separate schedules for different services) and, no less importantly, it can establish a connection on demand (in case of unsent emails or an incoming request for a proxy server). It can also break a connection automatically, in case the proxy-server does not receive new requests for a specified period of time.

There is even such a exotic option as to automatically establish the second connection after the first one has been successfully established. Starting a BAT file can be very useful. The simplest use for this function is to start Download manager automatically, not to waste a second of precious online time, even if you are not at your desk. But I still think that dial-up users should look for something simpler than LAN SUITE. However, that's just my personal opinion, nothing more...

NAT and Firewall

If your computer has two network interfaces, you can set up NAT (Network Addresses Translation). Dial-up Adapter can act as a network interface as well. Frankly speaking, NAT seems excessive for a home LAN with 2-3 computers, that's why I don't use this function. I'll just note that the program does not allow to set up NAT for itself (that is for the computer with installed LAN SUITE): the interface selected in the Connection to share drop-down menu immediately disappears from the Select internal interfaces list (NAT will work for these very options).

LAN SUITE also has a simple but functional built-in firewall. In the most primitive case, you can just enable it and select a security level — high, medium, or low. A description of the selected level will appear to the right of the slider.

If you want full control, you should select the custom level. It provides the most flexible options for firewall configuration, but it requires high expertise from a user. I'll risk to note that the Custom level in LAN SUITE firewall settings is slightly out of tune with the overall suite — it's really too complex even for an intermediate user. It requires a knowledge level of a system administrator.

In order to enable Custom Security level, you should have at least one set in the Permissions set list. If the list is empty, you should add a permission set. The program comes with several Permission sets, in particular High, Medium and Low Security presets. Conveniently, the meaning of other sets is clear from their titles.

The sets consist of simple rules. One rule usually describes one protocol and one direction. You can add, remove and modify rules in a set. You can also create your own rule sets (though you'd better edit ready sets).

A window for adding a new rule (a general case). Available options:

1. Protocol: All, TCP (in this case you can specify a range of ports and select the response packets only checkbox), UDP (the same applies here — a range of ports, allow also response packets checkbox), ICMP (here you can select allowed message types), Other (you should specify a protocol number).
2. Direction: incoming, outgoing, for the entire computer, or for each of the available network interfaces separately.
3. From address: any, specified IP, IP in a subnet, IP range. You can additionally specify (a simple list, no masks) blocked IP addresses (exceptions).
4. To address (configured like the previous option)

So: rules are combined into sets, sets can be added to the list of used permission sets, there are also standard predefined sets. That's all about the firewall. Theoretically, it's quite sufficient for practically any task. There is one problem: this firewall cannot work with different applications differently, any rule applies to all software installed on a computer. Besides, Windows XP Security Center cannot detect this firewall.

To High Security fans: you can use another method to ensure network security — not to use the built-in firewall, but to install an external program with one simple rule: Internet access (with proper limitations on ports and protocols) is allowed to LAN SUITE only. Considering that proxy server LAN SUITE supports HTTP, HTTPS, FTP via HTTP, FTP, SOCKS, Telnet and Real Audio — practically all programs can work with it. As a rule, even quite fastidious IM- and P2P-clients (ICQ, eMule) quite painlessly work via SOCKS proxy without significant limitations on their functions. By the way, I have Microsoft Windows Update, well known for its fastidiousness, working via HTTP-proxy LAN SUITE.

SMTP and POP3 server

Configuring a local SMTP server (including optional SSL). Everything is quite clear from the screenshot. You can specify an IP address, from which SMTP server will be available (if your computer has several IPs on different cards). But you can select either All or one IP (two out of three are not allowed). Anyway, SMTP is available to programs working on the same computer as LAN SUITE at 127.0.0.1 (localhost), you cannot change that. LAN SUITE SMTP server does not support authorization directly, you can just deselect the Verify sender by previous POP3 access checkbox.

Accessibility of the SMTP server can be limited by specifying IP filters (Permit access or Deny access, IP, Mask). This measure seems quite justified due to the limited authorization procedure, supported by the LAN SUITE SMTP server.

Configuring an external SMTP server, so that emails, sent to the local SMTP, go to the world wide web. Configuration options on the screenshot are self-explanatory. I will just note that there may be only one external SMTP server specified. Authorization is supported for both SMTP as well as POP3. It should be noted that the Re-send interval option applies only to the interval between attempts to send emails if the previous attempt failed. In a normal situation, emails are sent to an external SMTP server in less than a minute after they were received by the LAN SUITE SMTP server.

Configuring the local POP3 server (including SSL). In some aspects, it's similar to configuring the local SMTP: you can specify a port and IP, at which this POP3 server will be available. The POP3 server is also always available from the computer with installed LAN SUITE at 127.0.0.1. This cannot be changed either. Access to LAN SUITE POP3 server requires a user name and a password — those specified in a user account (described above).

And now let's review configuring external (relative to LAN SUITE) mail boxes, where e-mails will be collected and then distributed from the local POP3. There may be as many mail boxes as you need (even in the free 5-user version).

Setting up (adding/editing) external mail boxes. The procedure is quite standard, but there is one useful feature: you may specify a local user to receive e-mails, sent to this POP3 account (Received messages deliver to). Thus, it's very easy to organize receiving e-mails even from 10 different addresses so that they are collected in one mail box. I use this feature to the full, as I have a lot of email addresses, which I use just to read messages and never send emails from them.

I should explain here: of course, even if your local mail box collects emails from dozens of external addresses, you will be able to reply to any of them. But the reply will be sent from the address, which collected all the emails, and sometimes you don't want to expose it. However, this problem can be solved by creating a rule in your firewall to allow clients use third party SMTP servers. You may also allow access to remote POP3 servers, so that your guests won't have to reconfigure their email clients to get new messages.

I shall note one thing directly, even though it seems obvious enough: a user name and a password, specified in an account of the external POP3 server, and a user name and a password, specified in a LAN SUITE account are absolutely different. Of course, you may have them identical, but that's a special case, nothing more. LAN SUITE user with a user name "john" and a password "tomato" can get emails from an external POP3 server with a login "bill" and a password "orange". That's a common situation.

Observation: emails from external POP3 servers do not appear on the local POP3 server at once — you sometimes have to wait a little. When emails are collected from all mail boxes, LAN SUITE makes a pause and only then starts sorting incoming emails. I don't understand the reasons: judging by the logs, if there are no other requests, it may just remain idle for about a minute. I have one assumption though: as all received messages are stored in one folder as files before being sorted into the mail boxes, the local POP3 server may have its own scheduler (which cannot be configured by users); it's not checking for new emails in this folder constantly, but in some time periods.

Antivirus and anti-spam tools

602LAN SUITE has a special Anti-virus Edition with a built-in antivirus (it uses the core and virus bases from BitDefender). However, it does not come for free. Nevertheless, there is a way out! The fact is that the regular LAN SUITE can work with free antivirus AVG Free (it's also developed in Czechia by Grisoft — not surprising, considering the patriality of Software602). You are urgently recommended to install it. It's quite a good antivirus that supports all necessary functions for home users, it's free, its virus databases are regularly updated. Its LAN SUITE integration grants this antivirus another good feature. Here it is:

if LAN SUITE detected an antivirus (it can happen only in two cases: you either have AVG or LAN SUITE Anti-virus Edition) — you may specify an email address (LAN SUITE user) to redirect all infected emails. I intentionally added the spam user, so that all infected emails from all external mail boxes go there. The main boxes become twice as clean :). Outgoing emails can also be checked for viruses (settings are absolutely the same as for the incoming mail).

Justice is above all. Once I ran across one "bug": a spam email with a virus (packed into a zip file) put LAN SUITE into stupor: when the server received this email, it tried to analyze whether its contents were safe and then opened the classic Windows message "This program has performed an illegal operation and will shut down". I had to switch to receiving emails directly (into a mail client instead of the server) to get this email. With the average mail volume of about 1000 messages a day (including spam, of course), this situation occurred only once for three months.

Certification tab in the free version of the suite is not available, it works only in LAN SUITE Anti-virus Edition. However, this procedure only allows to add an antivirus status to each incoming and/or outgoing message. Considering that many viruses can fake similar status reports, benefits from email certification seem quite questionable to me...

Observation: emails are checked for viruses after they are received (not on the fly), so an infected email still manages to get to a computer hard drive for some time in the form of a LAN SUITE file. But this virus still cannot be activated, so there is nothing tragic about it.

Besides, LAN SUITE has a built-in Bayesian filter (learning). Emails, qualified as spam, can also be redirected to a selected mail box. Thus, I have all infected emails and spam redirected to a virtual address spam@ixbt.com. I look through this mail box once two or three days. And thanks to this approach, my main mail boxes are in peace and quiet... :)

The built-in Bayesian filter learns in an original way: you have to forward a spam message to the virtual address junk@junk. If a message is not spam, you should forward it to notjunk@junk. On the one hand, it's less convenient than clicking a button in your email client. On the other hand, how else can you teach a Bayesian filter, which is built into a server instead of an email client?

Besides, built-in anti-spam tools support filtering based on lists of "bad" SMTP servers as well as standard features - white and black lists of email addresses. Speaking of the Bayesian filter: there is an option to make the filter learn automatically from emails included into the white list.

The Bayesian database can be saved and restored. Here is my database, in case you don't want to accumulate your own one. It's a database of my filter, based on 1200 spam emails and 1666 non-junk messages. Of course, I cannot guarantee it will suit you, as I taught it to comply with my requirements. To restore a database, unpack both files from the ZIP archive into any folder and choose it after clicking the Restore Bayesian filter database button.

Besides, the anti-spam/antivirus tools, built into LAN SUITE, support filtering by unwanted attachment extensions.

Proxy server

LAN SUITE can act as a proxy server for HTTP, HTTPS, HTTP-FTP, FTP, SOCKS, Telnet, Real Audio. Besides, it can work as DNS Proxy. User authorization is supported for HTTP, HTTPS, HTTP-FTP proxy. You can block access to HTTP/FTP via SOCKS (which is natural and comes in handy...)

Of course, the proxy supports caching. Cache preloading from a specified address (HTTP, FTP) or a folder. You can prohibit caching CGI queries (you should really do it).

You can also limit access to the proxy server by an IP filter. You are strongly recommended to configure it, or any user will be able to use your proxy server to access Internet (if your computer has a "white" IP). It's even more convenient than to enable authorization, as not all programs work well with proxy servers requiring authorization.

Web server

I didn't test features of the built-in WWW server thoroughly. At least, it works well on the simplest level (it grants access to index.htm, allows to follow links). There is a checkbox to allow directory browsing — if you need to publish photos and don't want to create a web site. If directory browsing is allowed, your web server can be browsed like an FTP.

DHCP server

In addition, LAN SUITE can work as a DHCP server and thus covers all the features necessary to set up a software LAN router.

Administration and FTP server

Restricting administrative access to the program is very simple: this program can be configured either by all users or by administrators only. You can also allow remote administration and statistics access via web.

Note that there is an inaccuracy in the remote administration options: even if remote administration authentificaton is set to free access, absolutely all users will have web access only to statistics — you will still have to enter user name and password to get access to LAN SUITE settings. It's certainly logical and justified, but does not comply with the term "Free access". If you choose User authentification required, anonymous access will be blocked even for statistics browsing.

In order to get local access to remote administration, you need to type the following string in your browser: <http://127.0.0.1/admin>. In case of "truly remote" access, 127.0.0.1 must be replaced with a real IP address of your computer in your LAN or in Internet (if it has a "white" IP). Web administration is supported to the full extent: all those settings you saw on the screenshots are available not only locally, but also remotely, via browser. Frankly speaking, remote administration did not work well in the Opera browser (for some unknown reason I had no left menu, shown on the screenshot). But I had no problems in Internet Explorer.

Besides, LAN SUITE can work as an FTP server with some limitations (if you select the Allow update of the WWW server via FTP checkbox). That's because developers did not want to integrate a sterling FTP into LAN SUITE. This function was intended only to work remotely with WWW server contents. Consequently, there is no anonymous logon, no user right policies: only LAN SUITE administrators can access the FTP server (they must enter their user names and passwords) and they always have full access. Besides, the FTP server works only with a folder, specified as a web-server's root.

As you can see, practically all kinds of logging are supported. But we don't recommend to enable all logging options: it's clear that the Firewall messages / Log all packets option will immediately swell FWL.LOG to an unimaginable size, it may even slow down your PC performance.

A piece of advice: even if all logging options are disabled, each email sent and received will still add one line to lansuite.csv (in the LAN SUITE folder). If you work actively with email, it may grow quite large in time. Unfortunately, I can recommend only one solution: delete it from time to time manually.

Web Mail

LAN SUITE offers this feature as well (considering the intention to create an all-in-one suite, as well as integrated POP3 and SMTP servers, it would have been strange not to have it). You can get local access to web mail by typing the following address in your browser: <http://127.0.0.1/mail>. In case of remote access, you should replace it with a real IP. You will see a window prompting for your user name and password. Then you'll get access to your mail box. As any web mail, Web Mail from LAN SUITE is certainly inferior to stand-alone email clients in usability. But you can quickly browse your email box on a computer without an email client, or, for example, (in case of "white" IP) read your email from any internet cafe. It's hardly a disadvantage, is it?

The only emails, which are more convenient to work with in Web Mail than in a stand-alone client, is... spam :). No need to forward anything. You just mark the spam, click Junk, and the Bayesian filter in LAN SUITE will gladly "swallow" another lesson. Emails will be automatically moved to a special folder.

Startup options