• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Question Securing mail subdomain with SSL

psxeu

psxeu

Basic Pleskian
Hi

When a new domain is created in my system (lets call it domain.com) a MX record is created saying

domain.com mx mail.domain.com

and an A record is created saying

mail.domain.com a 000.000.000.000

however the mail.domain.com is not secured by lets encrypt SSL.

So my question is:

1)
Is it wrong the way the DNS for mail is created?

2)
How do I get the mail subdomain automatically secured by lets encrypt SSL?
 
Let’s Encrypt does not currently offer “wildcard” certificates.
So you will need to be able to list all the domains you want a certificate for, you can’t (as you can with some of the pricier paid certificates) get just one that works for every possible name in your domain.

With Let’s Encrypt you’d need to issue new certificates for any new names you needed.
 
psxeu said:
How do I get the mail subdomain automatically secured by lets encrypt SSL?
Click to expand...
That is not what you want. You are asking how to use the same SMTP server for multiple domains, secure each of the outgoing SMTP mail server domains from your DNS settings with a certificate and send all mail using an individual server name instead of using the one-and-only SMTP hostname.

From experience I can only recommend to forget about it. One host = one SMTP server = one hostname for outgoing mail. You can secure that outgoing mail hostname by a certificate from the SSL/TLS configuration menu in the Tools & Settings area of Plesk. It is absolutely normal and best practice to not to have a different outgoing mail server name and different matching certificates for that in an environment that is hosting more than a single domain. In everyday use it does not matter whether a mail is sent through sdfdf.39i3kd.com or through <mydomain>.com or whatsoever, as recipients won't notice and neither care what technical hostname the mail is being sent from.
 
If you have installed the Let's Encrypt extension, you can choose your domain and in the next step choose the option:
"secure also webmail on this domain"

To secure your "mail host" please use a serverwide ssl certificate for this case.

As Peter wrote:
One host = one SMTP server = one hostname for outgoing mail.
Click to expand...
 
You must log in or register to reply here.

Similar threads

Fabian H
Question Best practice email setup
Replies
4
Views
480
Kaspar
K
E
Resolved Need Help configuring server records for my domain
Replies
5
Views
171
eggih
E
B
Issue Assistance Required: Correct DNS Settings for Mail Servers in Plesk
Replies
0
Views
428
BHK
B
carlsson
Issue Adding mail account to a device takes forever!?
Replies
1
Views
194
Peter Debik
P
carlsson
Issue Mail on Plesk, web on other provider, how do I create a correct SSL?
Replies
2
Views
162
carlsson
carlsson
Back
Top