Open WKnak opened 8 years ago
Your SMTPD Cert needs to be for your Mail Server Domain you need to use for all your Domains as MX.
check with telnet to your ISPconfig server:
#> telnet 123.123.123.123 25
Trying 123.123.123.123...
Connected to 123.123.123.123.
Escape character is '^]'.
220 mail.my-mailserver.net ESMTP Postfix (Debian/GNU)
quit
221 2.0.0 Bye
Connection closed by foreign host.
So your Cert needs to be for "mail.my-mailserver.net" (and the MX record for your Domains too)
Although I didn't created a Let's Encrypt cert for Postfix yet, I think we can use it to do that too.
I don't know if we need to create a single certificate with all mail virtual domains - which will force us to revoke/renew each new domain is created, or we can add a single cert for each mail domain.
If so, maybe is a good opportunity to allow the the Let's Encrypt integration routine to include not only web alias domains, but also MX records (if they're point to same IP / server).
This is also good due to LE limitations per domain.
Any ideas on that?