• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:
    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue Certificate for securing mail

raykai

raykai

Basic Pleskian
what certificate should i use for securing mail ?
If i use Lets Encrypt certificate from server pool i get certificate errors from email clients.
 
In general, you may want to use the same certificate for the mail server that is used for securing your Plesk panel and tell your customers to use your plesk servers name as mailserver for incoming and outgoing mail. (and not mail.customerdomain.tld)

If you really want to be able to let customers use mail.customerdomain.tld for sending and receiving emails via secure connection, then there is a workaround for doing so.
But it requires additional configuration steps for every domain you or your customers do setup. (and does not scale well, i.e. you are limited to a top max of 100 domains you could handle that way)
 
raykai said:
i get certificate errors from email clients.
Click to expand...
What error is that exactly? Is it a "wrong certificate name" error or similar? In that case use the host domain, not the subsdription domain, to retrieve mail. The name must match what the certificate is securing.
 
wrong certificate name . i have 3 domains that need to be able to send emails from their domain and they are companies. The customers prefer having emails that have the domain name of the company over the plesk domain one.
 
As you only have a single mail server that is addressed by the host name, not a domain name hosted on the machine, your customer must use the mail server name. The SSL certificiate is made out to the single mail server on your machine. It is only a server name, it is not the domain name that shows up as a "sender" in an e-mail's visible part.

Example: If your customer hosted mails on Office 365, he does not have a choice how the mail server is name either. He would get some cryptic name like business01-de.provider.tld without any discussion. It should really not be of any concern to anyone what the host name is, it is simply a technical expression that practically noone sees but tech admins that configure e-mail settings.
 
lets say my plesk is on a VPS domain vps200001.vps.ovh.com i have no access to add subdomains to it how would i set it up for mail ?
 
If the host name is vps200001.vps.ovh.com then the SSL certificate that you create in Tools & Settings > Security > SSL/TLS Certificates is made out for vps200001.vps.ovh.com and the mail server name that the customer uses is vps200001.vps.ovh.com.
 
so i would setup both IMAP and SMTP as : vps200001.vps.ovh.com ?

if so would i not be getting hit by bots a lot by not using a random subdomain for mail ?
 
Yes, IMAP and SMTP vps200001.vps.ovh.com

The host will be hit by bots a lot anyway. That's what you need Fail2Ban for. Activate the mail jails to block brute force attacks on the mail service.
 
You must log in or register to reply here.

Similar threads

P
Resolved PLESK 18.0.60 Problems to configure mails / Certificates, etc.
Replies
8
Views
840
mow
M
L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
526
Leta
L
jradzuweit
Resolved How to update Let'S Encrypt certificate with SSL It!
Replies
4
Views
387
jradzuweit
jradzuweit
P
Issue Certificate problem in Plesk
Replies
5
Views
390
Raul A.
R
micneon
Issue Problems to del certificate with cli
Replies
0
Views
177
micneon
micneon
Back
Top