Problems with inbound TLS due to standard DNS template

[fliegerhermi]

Hi everybody.
With the standard-DNS-Layout every customer has an MX-entry like MX 10 mail.customerdomainexample.com

The problem is, that inbound mailservers get a TLS warning, because the mailhostname does not match mail.companydomainexample.com, which is the domain with a valid SSL-Certificate pointing to the same server.

Wouldn't it make sense to change the default template to mail.companydomainexample.com since it is the same machine anyway?
Am I twisted up in my thinking somehow?

Thank you very much.

 

[Lloyd_mcse]

Do you mean the TLS Warning from Outlook?

If so tell your customers to use

mail.companydomainexample.com

with secure conections.

I do this with webmail, plesk and mail servers - that way customers don't get any security warnings.

Hope that helps

Kind regards

Lloyd

 

[fliegerhermi]

Hi Lloyd,

thank you for the fast reply. I handle the customer-connections just the way you do, which is a pain somehow, because a server-change requires the customers to change all the addresses in their computers. Hopefully Plesk remains a good system for quite a while

What I was really talking about are SMTP connections from ISP to ISP.
With the default DNS template the customers MX ist mail.customerdomainexample.com which gives the other ISP MX a false certificate warning, because my MX is responding with mail.myispdomainexample.com Some ISPs drop the connection if that happens.

I like it if the customersdomain shows up as often as possible, but in this case I just don't see why you would do it this way. Does it have any negative effects if I change the default template to always point to mail.myispdomain.com?

Thanks!