Question Secure Email Connections

[FlyingQuokka]

Hi,

I have a VPS with Plesk Onyx and have been trying to secure my email server.

I've followed all the instructions I can find and set up the server to use the Let's Encrypt certificate, but my Outlook client is still saying that the target principal name is incorrect even after I install the certificate.

Can anyone tell me how I can get Outlook to accept the certificate?

Debbie

 

[garcue]

Shows the output of this test

==> // email / test To:
​

Check that the following steps are well done:

==> Securing Plesk and the Mail Server With SSL/TLS Certificates
​

 

[FlyingQuokka]

Hi garcue,

Thanks for the links. The CheckTls one is very useful.

It's showing that the problem I'm having is that the mail server hostname in the certificate is mail.soup2nuts.biz, but the hostname it's connecting to is 238628.vps-10.com, which the hostname of my VPS server.

So my question now is: Which one should I change to get them to match and how do I do that?

Debbie

 

[garcue]

Change the host name with vi "/ etc/hostname" that you put in the certificate, verify that you have a well-configured "PTR" entry on your DNS server

 

[UFHH01]

Hi garcue,

pls. don't suggest solutions, which will result in issues/problems with depending services. A manual change of "/etc/hostname" will result in a misconfiguration for your mail - server - configuration files for example ( example for postfix ):

myhostname = 238628.vps-10.com
myorigin = /etc/mailname

With Plesk you have the option to change the hostname over the Plesk Control Panel:

=> HOME > Tools & Settings > Server Settings

After a server reboot, you should further recommend to use the Plesk Repair Utility, so that ( possible ) existent misconfigurations, dependent to the old hostname, can be found and automatically eliminated. ​

 

[themew]

Hi garcue,

Thanks for the links. The CheckTls one is very useful.

It's showing that the problem I'm having is that the mail server hostname in the certificate is mail.soup2nuts.biz, but the hostname it's connecting to is 238628.vps-10.com, which the hostname of my VPS server.

So my question now is: Which one should I change to get them to match and how do I do that?

Debbie

Easy fix -- Log into your server's hosting panel (not Plesk) and change your reverse from 238628.vps-10.com to mail.soup2nuts.biz and your reverse will match your email. Checking the reverse of your hostname shows the 238628.vps-10.com which will change once you're changed your reverse DNS.

 

[FlyingQuokka]

Hi UFHH01,

I realise you can change the server name like this, but as I host several websites and their domains on this VPS, if I use one of them as the server name, the others would then continue having the same problem.

What I need is a solution that would work for all the domains I host on the VPS. Is there such a solution?

One question that arises from this, probably because I'm still learning how to adminster a VPS, is: On a VPS, is there just one mail server that services all the domains hosted on it or can there be one for each domain.

I'm asking because I would like to isolate each domain, so they have a mail server name that relates to the domain name i.e. they don't use the name of the VPS server, which I think is what is giving rise to this problem. Is that possible?

Debbie

 

[UFHH01]

Hi FlyingQuokka,

pls. be aware, that it's a bit tricky for several domains, if you desire an SSL - certificate for each of your domains at your mail - server. But ( !!! ) it is certainly possible.

Pls. have a look at: => #12 ( for a postfix example ) and => #26 ( for a dovecot example )

 

[FlyingQuokka]

Hi UFHH01,

Thanks for the link. Wow, I'm going to have to study that one to get my head around it, before I have a go at it.

I'll let you know how it goes.

Debbie