1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Resolved How to correctly configure Mail Server, MX Records, etc for multiple domains on the same IP address

Discussion in 'Plesk Onyx for Linux' started by AdamW1992, Sep 4, 2017.

  1. AdamW1992

    AdamW1992 New Pleskian

    1
    20%
    Joined:
    Sep 4, 2017
    Messages:
    6
    Likes Received:
    1
    Location:
    England
    Hi,

    I'm creating this thread as I could not find a full and complete set of information for my needs, if there is already a solution that correctly explains my needs and answers my question please direct me to it. All IPs, domains, etc, have been change to examples to protect privacy.

    Basically, we have a web server that is running plesk. This server has the IP address xxx.xxx.xxx.xx with a specified hostname in plesk of server.hostname - a reverse DNS (PTR) check on this IP resolves to this hostname. The IP address of the server has multiple domains hosted on it, domain1.com, domain2.com, etc. All these domains need to be set to use the plesk mail server (we have installed Postfix as the mail server, and Dovecot as the IMAP/POP3 server).

    The question is how to configure the MX records and other mail settings of each of these domains so they are set-up correctly, so all names resolve correctly and emails are being sent securely.

    Previously, before we had Let's Encrypt and couldn't secure our mail server, we were using mail.domain1.com, mail.domain2.com , etc. as the MX records value and also had A records where mail.domain1.com, mail.domain2.com had a value of the server IP address xxx.xxx.xxx.xx. This worked fine but from what I can tell was not the correct way of running things.

    Now that we can secure our mail server, we have created mail.domain1.com as a subdomain, secured this sub-domain using Let's Encrypt to create an SSL and are using this SSL certificate to secure our mail server. We have changed the MX records on domain1.com, domain2.com ,etc, to ALL use mail.domain1.com to match this certificate and we also advise any clients adding email accounts to their computers/devices to use mail.domain1.com as their hostname for the incoming and outgoing server so that it also matches the certificate (this is OK from our side as, in this example, domain1.com is our own website domain so we can tell our clients this is the valid hostname as their mails are being run through us).

    Is the set-up above correct or the logical way of setting our mail up for all of our domains so they are secure and correctly configured both for the mail DNS records of each domain and the setting we tell clients to add their mail accounts to their devices? From what I can see, there may perhaps be something wrong using server.hostname as the specified server hostname but then using mail.domain1.com's sub-domain and certificate to secure the mail server... other than this I'm not sure.

    Any help or advice would be appreciated, we are just trying to ensure our server is correctly set-up and configured so our clients emails are being sent with the utmost security.

     
    Liew CheonFong likes this.
  2. Liew CheonFong

    Liew CheonFong Basic Pleskian

    7
    20%
    Joined:
    Sep 18, 2016
    Messages:
    25
    Likes Received:
    5
    Location:
    Malaysia
    thanks for opening this thread. I am having headache setting up mail accounts correctly with proper security too..
     
  3. UFHH01

    UFHH01 Plesk addicted!

    44
    64%
    Joined:
    Jun 11, 2013
    Messages:
    6,762
    Likes Received:
    1,712
    Location:
    Hamburg / Germany
    Best Answer
    Hi AdamW1992,

    Yes, it is!

    Upon future updates/upgrades for Plesk, where it might be possible to secure each domain with it's own certificate within your mail - server configuration, your setup is the recommended way.
     
    AdamW1992 likes this.
Loading...