search

alexalouit / ISPConfig-letsencrypt

Let's Encrypt support for ISPConfig
67 stars 23 forks source link

Include MX records to Let's-EnCrypt Postfix? #21

Open WKnak opened 8 years ago

WKnak commented 8 years ago

Although I didn't created a Let's Encrypt cert for Postfix yet, I think we can use it to do that too.

I don't know if we need to create a single certificate with all mail virtual domains - which will force us to revoke/renew each new domain is created, or we can add a single cert for each mail domain.

If so, maybe is a good opportunity to allow the the Let's Encrypt integration routine to include not only web alias domains, but also MX records (if they're point to same IP / server).

This is also good due to LE limitations per domain.

Any ideas on that?

xenDE commented 8 years ago

Your SMTPD Cert needs to be for your Mail Server Domain you need to use for all your Domains as MX.

check with telnet to your ISPconfig server:

#> telnet 123.123.123.123 25
Trying 123.123.123.123...
Connected to 123.123.123.123.
Escape character is '^]'.
220 mail.my-mailserver.net ESMTP Postfix (Debian/GNU)
quit
221 2.0.0 Bye
Connection closed by foreign host.

So your Cert needs to be for "mail.my-mailserver.net" (and the MX record for your Domains too)