Author Topic: Postfix SNI - Email SSL for each domain than Server hostname  (Read 1319 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Postfix SNI - Email SSL for each domain than Server hostname
« on: October 05, 2020, 04:53:53 PM »
What i am trying to achieve is, each domain can connect to mail server with its respective SSL domain irrespective of hostname
for e.g. abc.com connect to imap and smtp using mail.abc.com on SSL

However, whenever a client connects to mail.abc.com, the server responds with server main hostname SSL.

Please know that, http SSL certificate works fine on server hostname and abc.com properly, this issue is with e-mail.

Background:
New install of CWP with everything updated
Postfix mail_version = 3.4.7
Domain and certificate key mapping is found in File: /etc/postfix/vmail_ssl.map
Tried rebuilding mail server configuration, it doesnt work
All services are installed in CWP control panel --> SSL Certificates option

Need help with resolving this.



Offline
*****
Re: Postfix SNI - Email SSL for each domain than Server hostname
« Reply #1 on: October 06, 2020, 03:28:20 AM »
you need to install admin services ssl from free ssl manager. i.e.
mail.domain.com

Offline
*
Re: Postfix SNI - Email SSL for each domain than Server hostname
« Reply #2 on: October 06, 2020, 04:54:44 AM »
As I have already mentioned within Background details, all services, specifically mail is installed for each of the domain domain.

Offline
*
Re: Postfix SNI - Email SSL for each domain than Server hostname
« Reply #3 on: October 06, 2020, 11:05:13 AM »
you need to test your mail service connection, you can google for many different types of tests, like simple ones using openssl

Code: [Select]
openssl s_client -servername mail.domain.com -connect mail.domain.com:pop3s
openssl s_client -connect localhost:25 -servername servername.otherdom.com -starttls smtp
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
*
Re: Postfix SNI - Email SSL for each domain than Server hostname
« Reply #4 on: October 06, 2020, 07:22:12 PM »
Thanks for your response.

For the openssl commands,
openssl s_client -servername mail.domain.com -connect mail.domain.com:pop3s
This returns the server hostname instead of the client - mail.domain.com etc.

openssl s_client -connect localhost:25 -servername servername.otherdom.com -starttls smtp
This returns the correct client domain name mail.domain.com etc.