Hello all,

I have a Dovecot (v2.3.10.1) + Postfix (v3.5.3) both cfg; d to use TLS however each using different certificates.  In addition, I have cfg’d a DNS CNAME that points to the server A record.  For example,


When setting up a new account in Apple Mail, if I specify the server name as the “Host Name” (i.e. mil server), the cert that is cfg’d in Dovecot is received and everything works fine.  However, if I instead use the alias CNAME as the “Host Name”,  then the cert for Postfix is sent to the client.  This causes issues because I do not have the CNAME in the SAN of the Postfix certificate.

I doubt this is a bug because I have to think others have employed a similar configuration so I must be missing something here — any thoughts?

Thanks in advance...