• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue SSL/TLS and mail server

Janko Falli

New Pleskian
Hello,
i have a server with single IP but many domains, every domain do have installed Let's Encrypt Cert but when i setup mail box in outlook or other mail client i get notifications that certificat is not for this domain (it shows one of the other domains on the server) if i set imap/smtp to be domain shown on the warning it works without complications but thats not the perfect solution for me. Any suggestions?
 
Depends on how many domains you have... ;) but have a read of THIS option.
Well maybe the whole thread, including the last post.

Assuming that you have already applied Reverse DNS to your FQDN and your FQDN name is also specified correctly within here: https://YOURDOMAIN:8443/plesk/server/preferences/ and... Send from the specified IP address is chosen here: https://YOURDOMAIN:8443/plesk/server/mail/ Then using the option above should be able to solve all the issues you mention. There's quite a bit of work (explained in the linked thread) but it works fine for us
 
Essentially the services responsible for the email functionality on your Plesk server (Postfix/Qmail/Dovecot/Courier) do not support SNI, thus you can only have one single SSL certificate per IP address.

So, in order to be able to use mail.customerdomain.tld in Outlook and other mail clients, you will need a single certificate that covers/contains ALL of the domains on your server.
Up to a certain extent this is technically possible to achieve (there is a technical limit on how many domains you can have within a single cert) but lots of manual work required...
 
...So, in order to be able to use mail.customerdomain.tld in Outlook and other mail clients, you will need a single certificate that covers/contains ALL of the domains on your server. Up to a certain extent this is technically possible to achieve (there is a technical limit on how many domains you can have within a single cert) but lots of manual work required...
As explained and demonstrated in here:
Depends on how many domains you have... ;) but have a read of THIS option. Well maybe the whole thread, including the last post
Where Let's Encrypt Wild Card Certificates are used for this (Multiple Domains / Sub-Domains / Mail Servers etc etc)
 
Sending emails via the SMTP protocol (that is, relying on an outgoing SMTP server) is still the most common way to communicate on the internet. However, SMTP has been built without a native security layer: meaning that your emails will always be exposed and quite easily hackable.

That is why we suggest to set a secure SMTP with an encryption protocol – the most popular being SSL (Secure Socket Layer) and TLS (Transport Layer Security). Basically, an SMTP server with SSL/TLS starts a connection with the receiving server passing only encyripted information – thus making it a lot more difficult to others to break it.

So, how to configure an SMTP with SSL/TLS?

It’s very simple: you just need to open your mail client’s configuration panel and flag “Use SSL/TLS” in the “Connection security” field. Remember also to set the right SMTP SSL port for the email transmission – normally, port 465.
 
Back
Top