Multidomain ssl config ?

justina colmena ~biz justina at colmena.biz
Sun Oct 16 00:39:37 UTC 2022 

Yeah. You get a better spam score and a better rep for your server if the 
hostname you use as an MX record matches the reverse DNS for its IP 
address(es) as well and everything is correct as recommended by rfc docs. 
If there's outgoing mail it's all going to use the same hostname as the 
"ehlo" I.D. anyways, isn't it?

The big bosses and professionals are cracking down on servers etc., aren't 
they? I just recently tried to set up an alternate/backup server from a 
different provider in a very authoritarian country in northwestern/central 
Europe, but they borked my billing information terminated service and 
screwed up my domain renewal and caused a lot of other grief elsewhere in 
addition. Barely managed to save myself and stay online.

So we're going to see more small and medium sites kicked off the internet, 
and even having had one's own website and email means we're not welcome on 
FB, TWTR, and friends. Just squash the competition for interstate commerce, 
because the cartels are taking over.

On Wednesday, June 29, 2022 1:25:18 PM AKDT, Paul Kudla (SCOM.CA Internet 
Services Inc.) wrote:
> John please send me a direct email address
>
>
> I understand what you need and my customers are all seperate 
> certs per domain on both sides
>
>
> I spent over three months setting stuff up
>
>
> I wil send complete instructions for both postfix & dovecot
>
>
> Plus auto scripts etc
>
>
> You will need to be running a postgresql database for my stuff 
> to work without mods
>
>
> And running python 2.xx
>
>     
>       
>  thanks - paul 
>    Paul Kudla      SCOM.CA Internet Services Inc.    004-1009 
> Byron Street South   Whitby, Ontario - Canada   L1N 4S3    
> Toronto   416.642.7266   Main   1.866.411.7266   Fax   
> 1.888.892.7266   
>
> On Jun 29, 2022 at 16:39:29 EDT, John Stoffel 
> <dovecot-bounces at dovecot.org> wrote:
>
>>>>>> "Maurizio" == Maurizio Caloro <mauric at gmx.ch> writes:
>
> Maurizio> on postfix now this seems to run, and with dovecot i need
> Maurizio> also handle this two domains, but appairing this error
> Maurizio> messages. like:
>
> Why aren't you just using a single domain as the MX record for all the
> domains? Then you only need one SSL cert pair for all of this, and if
> you publish the right SPF records, each domain can send from the same
> MX host as well.
>
>
>
>
> Maurizio> Jun 29 20:49:28 Dovecot/imap-login: Info: 
> Disconnected (no auth attempts in 0 secs): user=<>,
> Maurizio> rip=a.b.c.d, lip=37.120.190.188, TLS handshaking: 
> SSL_accept() failed: error:14094416:SSL routines:
> Maurizio> ssl3_read_bytes:sslv3 alert certificate unknown: SSL 
> alert number 46, session=<FdklDjkdfrkfi>
>
> Maurizio> Running with Debian Buster
>
> Maurizio> # dovecot --version
> Maurizio> 2.3.4.1 (f79e8e7e4)
>
> Maurizio> # nmail.caloro.ch
> Maurizio> local_name nmail.caloro.ch {
> Maurizio>  ssl_cert = </etc/letsencrypt/live/nmail.caloro.ch/privkey.pem
> Maurizio>  ssl_key = </etc/letsencrypt/live/nmail.caloro.ch/fullchain.pem
> Maurizio>  }
> Maurizio> # nmail.calm-ness.ch
> Maurizio> local_name nmail.calm-ness.ch {
> Maurizio>  ssl_cert = </etc/letsencrypt/live/nmail.calm-ness.ch/privkey.pem
> Maurizio>  ssl_key = </etc/letsencrypt/live/nmail.calm-ness.ch/fullchain.pem
> Maurizio>  }
>
> Maurizio> thanks for possible help
>
>
>
>

More information about the dovecot mailing list