• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Again: Let's Encrypt & Postfix

skot1708

skot1708

New Pleskian
Hey Folks,

I think I've read all topics about setting up a correct Mail-Setup with Plesk Onyx and Postfix for our customers - but still got "some" problems.

What I've done so far:
- I've changed the hostname to server.our-domain.de
- I've added the subdomain server.our-domain.de at Plesk and assigned an Let's Encrypt SSL-Certificate
- I assigned the Certificat eat Preferences --> SSL to Secure Plesk AND Mail-Server
- At the Customer Domains I changed the DNS MX Records to server.our-domain.de
- The IP correctly resolves to server.our-domain.de
- Our customers all use server.our-domain.de as imap/smtp adress

But if I check the SSL with a customer Domain here: https://ssl-tools.net/mailservers it says: Hostname Mismatch.
If i run checktls.com with a customer mail-adress everything seems to be fine.

Some customers get Certificate errors sometimes, others not. Have I made any general mistakes?
What's up with the automatic DNS entry like mail.customer1.de - to my understanding I don't need them?

Thank you in advanced & kind regards

Sascha
 
skot1708 said:
Hey Folks,

I think I've read all topics about setting up a correct Mail-Setup with Plesk Onyx and Postfix for our customers - but still got "some" problems.

What I've done so far:
- I've changed the hostname to server.our-domain.de
- I've added the subdomain server.our-domain.de at Plesk and assigned an Let's Encrypt SSL-Certificate
- I assigned the Certificat eat Preferences --> SSL to Secure Plesk AND Mail-Server
- At the Customer Domains I changed the DNS MX Records to server.our-domain.de
- The IP correctly resolves to server.our-domain.de
- Our customers all use server.our-domain.de as imap/smtp adress

But if I check the SSL with a customer Domain here: https://ssl-tools.net/mailservers it says: Hostname Mismatch.
If i run checktls.com with a customer mail-adress everything seems to be fine.

Some customers get Certificate errors sometimes, others not. Have I made any general mistakes?
What's up with the automatic DNS entry like mail.customer1.de - to my understanding I don't need them?

Thank you in advanced & kind regards

Sascha
Click to expand...

Hello @skot1708 ,
you can check your ssl certificate with CryptCheck , just try usual port like 993,995,465,587.
 
I had a similar problem, the certificate must cover all third-level domains, ie smtp.domain.tld is required a certificate for the following or in a default wildcard certificate:
  • smtp
  • mail
  • pop
  • pop3

I hope I've helped.
 
You must log in or register to reply here.

Similar threads

D
Question Renewing Let's encrypt automatically
Replies
3
Views
494
Kaspar
K
P
Issue SSL issue for some visitors, but not all
Replies
1
Views
82
AYamshanov
AYamshanov
L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
345
Leta
L
M
Resolved Lets Encrypt not issuing certs for subdomains
Replies
2
Views
272
mendip_discovery
M
R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
2
Views
888
tessa67
T
Back
Top