[Dovecot] TLS SNI with Dovecot

Reindl Harald h.reindl at thelounge.net
Sun Dec 22 23:26:07 EET 2013

Am 22.12.2013 22:07, schrieb Michael Neurohr:
> I've been using Dovecot for one single Domain with SSL certificates.
> Now I would like to use Dovecot with several Domains and proper SSL
> certificates. I tried to setup TLS SNI but it does not work. What I
> basically did was just adding

forget it - SNI is relevant for webservers because different
vhosts with different contents, typically not for mailservers

why do you start the burden of different certs instead
"mail.your-company.tld" and give that hostname to any user?

there are good reasons that other hosters are doing the same

unencrypted: imap.your-domain.tld
encrypted: sslmailpool.ispgateway.de

while the unencrpyted from is also stupid from maintaince point of view
we did that for some years and it did not work out in any sense

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20131222/17e19f4c/attachment-0001.bin>

More information about the dovecot mailing list