Question MX recordo different from FQDN and Let's Encrypt

[fabio.florencio]

Server operating system version

Ubuntu 22.04.4 LTS

Plesk version and microupdate number

Plesk Obsidian Version 18.0.59 Update #2

Hi, there.

Is it possible to configure a different MX record other than the FQDN?

For example: I want my MX points to "mx.tld" instead of "tld" and issue a valid certificate with Let's Encrypt? The configuration works, but the certificate isn't generated.

Thanks in advance.

 

[scsa20]

I'm not understanding what you're trying to do, the MX record just tells the external email servers how to route the email to your server. The SMTP and IMAP/POP settings can be completely different for getting the emails (for that you should have an actual domain set up in plesk already for you to make the mailboxes anyways).

 

[fabio.florencio]

Hi, sorry misunderstanding.

I'm gonna try to explain: I want to configure a mail client, like Outlook or Thubderbird, with IMAPS and SMTPS, and everything works fine, with the certificates being recognized when I configure MX record with the toplevel domain name (example.com). So in this case I don't receive any certificate error or warning.

However, when I configure MX record with a differently (mx.example.com), I receive a certificate error from the mail client. The problem is obviously generated because the certificate doesn't exists, and I don't know how to create it in Plesk (in SSL/TLS Certificate settings or any other option).

 

[scsa20]

Again, the MX record in the DNS zone is only for telling how to route emails to your email server, it has nothing to do with your email client itself. Are you making changes to the email client? If so, then don't, there's no need to make any changes to the email client settings, just leave it the way it was.

For example, I could set my MX record to mx.scsa20.com pointing to my email server, on my client, my client will just use whatever the standard settings is (so in this example would just simply be smtp.scsa20.com and imap.scsa20.com respectfully but in all honestly it could be whatever domain that points to the same server where the emails are being stored on but I'm using this as an example).

 

[AYamshanov]

https://support.plesk.com/hc/en-us/...for-example-com-is-pointing-to-another-server, see the workaround expand.

As an example, you can create a domain mx.example.com, issue a new certificate for the domain, and then use it as a mail certificate inside the main domain.
As an alternative, you can issue a new wildcard certificate (*.example.com), which protects the mx.example.org subdomain as well.

If it is your case and the workaround helped, I also recommend to vote for the feature on UserVoice,

 

[AYamshanov]

Anyway, could you please provide a little bit more details on your scenario, if Plesk hosts mail services and serves e-mails, why do you prefer to customize a domain for mail services (from example.org to mx.example.org)?

 

[fabio.florencio]

Hi, all. Thanks for the help.

This is the scenario:

1. Plesk hosting e-mails
2. Website hosted in another server (Wix)
3. Cloudflare as CDN (free tier) + DNS

The problem: I need to issue certificate for webmail and MX to avoid warning messages for e-mail clients, such as Outlook (IMAP and SMTP), and, to Wix issue its certificate too, "example.com" and "www.exmple" com DNS records must point to Wix configuration. As workwaround, I changed MX DNS record to "mx.example.com", instead of just "example.com".

I'm gonna try to use the workaround you suggested (https://support.plesk.com/hc/en-us/...for-example-com-is-pointing-to-another-server).

Thanks