• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Solving the shared hosting TLS mail problem with NGINX mail proxy

Niek_Beernink

Plesk Certified Professional
Plesk Certified Professional
Mail clients have been looking for a valid TLS certificate by default for a while now, however an smtp mail server such as postfix only supports one single certificate per server and doesn't know SNI like dovecot does. So we're dependant on the upstream software suppliers for SNI support. This creates a problem for customers looking to use smtp.example.org as their mail hosts on shared hosting servers and requires us to instruct the customer to:

  1. Disable TLS if client insists of using smtp.example.org (bad)
  2. Change the smtp hostname to the server hostname (okay but requires a client change if the subscription is ever moved to another server)

I was wondering if anyone ever tried using NGINX as a mail proxy for shared hosting domains on plesk.

What would be needed for this?
  • A recompile of NGINX to add mail support. (nginx -V does not currently show mail support)
  • Some way to instruct plesk to add a config in nginx to route mail from the nginx mail proxy, remove the SSL and continue onto to the local mail server.
  • A HTTP authentication server or script that can talk to dovecot & postfix.
 
Thanks Brujo, my experience with that is that it'll take a long while before it will be implemented. I also think that the tools are pretty much present already so it might not be such a hard thing to do. I'll try and see if I can get it to work somehow as soon as I find some spare time. :)
 
my experience with that is that it'll take a long while before it will be implemented.
on one hand of course you are right, but anyway it would be a chance to get it someday implemented as standard for the comunity and it worth to do it.
 
Back
Top