• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question SSL for email on Addon domains

How do your customers use SSL/TLS?

  • Customers don't use SSL/TLS

    Votes: 0 0.0%
  • All customers use the same mail server like mail.serverdomain.com with port 465

    Votes: 4 66.7%
  • Each customer uses their own branded domain/SSL combination like mail.clientdomain.com with port 465

    Votes: 2 33.3%
  • I just want to see the poll results

    Votes: 0 0.0%

  • Total voters
    6

VojkanC

Basic Pleskian
When I go to mydomain.com:8443/admin/ssl-certificate/list
There is an option to choose Certificate for securing mail and works great.

Some of my customers would like to have their branded incoming and outgoing email servers like:
mail.mycustomer.com that they can use over SSL/TLS and port 465.
Currently, some email clients have warnings and Apple Mail users don't have any warning... it just fails to receive/send emails.
The only configuration that works is that my customers use server domain like mail.serverdomain.com

How can this be achieved with:
OS : ‪CentOS Linux 7.6.1810 (Core)
‬Product: Plesk Onyx Version 17.8.11 Update #41
 
Not quite sure @VojkanC from the wording in your post, as to what you (as server admin) have already setup / what you've already given customers, in terms of their own setup limits etc and what you're specifcally trying to achieve, but.... Some quick questions to try and understand a bit clearer before looking at DNS and other record sets etc:

1) Is mycustomer.com a valid domain, with a subscription detailed within your Plesk setup?

If it is, then

2) What have you / your customers setup here: https://serverdomain.com:8443/smb/mail-settings/edit/id/XX/domainId/XX (where XX is the Domian ID for mycustomer.com which you'll find listed on here: https://serverdomain.com:8443/admin/subscription/list?context=subscriptions

A screengrab maybe the easiest way to answer that 2nd question.
 
My question is really simple.

Customers are used to using the following incoming/outgoing servers: mail.customerdomain.com
This works with plain text auth, but with SSL/TLS there is a problem because Plesk enables only one mail server that passes SSL check for MX.

Is it possible to use incoming/outgoing servers in the format mail.customerdomain.com over SSL (port 465 for SMTP and port 995 for POP) for each of my customers?
I have one IP with several customers.
 
@VojkanC Yes, its possible. We can say that, because we do what you have described, but....
Currently, you'll need a resource outside of those supplied by Plesk and, it really does depend on how many domains you have versus the amount of work involved to do this. In short, you would need a *Wildcard Let's Encrypt Certifcate, which cover's multiple domains (any or all of which, can also have sub-domains too) and this certificate, must be issued against the same FQDN that Plesk is setup on and this certificate needs to be sourced outside of Plesk at present. We now use THIS resource to provide this. You stlll should have all the individual domian's Let's Encrypt Certifcates too, but these can be issued by using the Plesk Let's Encrypt Extension. Once you have all the certificates, you then have to set everything up in Plesk correctly, in order for this to work. There's many posts on this subject in this forum, if you run a detailed search, but THIS one (in another forum area) may be a good starting point.
 
Back
Top