Facebook
Twitter
nuno.pereira
New Pleskian
- Server operating system version
- CentOS Linux release 7.9.2009 (Core)
- Plesk version and microupdate number
- Plesk Obsidian Version 18.0.46
For mail only domains, the certificate issued by Let's Encrypt is valid only for webmail.domain, and webmail is secure.
However, for POP3/IMAP/SMTP access by dovecot, even if Plesk domain configuration is indicating that we should use domain for incoming and outgoing mail server, that's not the case, as it's outside. So we use mail.domain as the mail server.
When using the Let's Encrypt certificate to secure the mail, as well as for webmail, this is the configuration added by Plesk to dovecot:
However, apart from <domain> is not working, as it's located elsewhere, by using mail.<domain> as incoming and outgoing mail server, we get an error from the client (namely Outlook) that the certificate is invalid (was issued for webmail.<domain>), and we use webmail.<domain> as mail server, as it's not configured by dovecot.
Is there a possibility to change dovecot's configuration, so that it also uses webmail.<domain> as a valid mail server, in particular when the domain is mail only?
However, for POP3/IMAP/SMTP access by dovecot, even if Plesk domain configuration is indicating that we should use domain for incoming and outgoing mail server, that's not the case, as it's outside. So we use mail.domain as the mail server.
When using the Let's Encrypt certificate to secure the mail, as well as for webmail, this is the configuration added by Plesk to dovecot:
Code:
# grep -r <domain> /etc/dovecot/conf.d/
/etc/dovecot/conf.d/14-plesk-sni-<domain>.conf:local_name <domain> {
/etc/dovecot/conf.d/14-plesk-sni-mail.<domain>.conf:local_name mail.<domain> {
Code:
# cat /etc/dovecot/conf.d/14-plesk-sni-<domain>.conf /etc/dovecot/conf.d/14-plesk-sni-mail.<domain>.conf
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
local_name <domain> {
ssl_cert = </usr/local/psa/var/certificates/scfXPy1p1
ssl_key = </usr/local/psa/var/certificates/scfXPy1p1
}
# cat /etc/dovecot/conf.d/14-plesk-sni-mail.<domain>.conf
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
local_name mail.<domain> {
ssl_cert = </usr/local/psa/var/certificates/scfXPy1p1
ssl_key = </usr/local/psa/var/certificates/scfXPy1p1
}However, apart from <domain> is not working, as it's located elsewhere, by using mail.<domain> as incoming and outgoing mail server, we get an error from the client (namely Outlook) that the certificate is invalid (was issued for webmail.<domain>), and we use webmail.<domain> as mail server, as it's not configured by dovecot.
Is there a possibility to change dovecot's configuration, so that it also uses webmail.<domain> as a valid mail server, in particular when the domain is mail only?
