Postfix SSL issue with multiple domains
I followed this guide
Every example.com is replaced with myotherdomain.com and the hostname of my machine is mydomain.club (if I change it, /etc/resolv.conf gets reset and I start sending mails as hostname.mydomain.club, so I left that as it is). However, the emails I send are not encrypted and email clients, such as Google, are complaining about it. Error: "mydomain.club did not encrypt this message."
/etc/postfix/main.cf file contains:
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/myotherdomain_com.crt
smtpd_tls_key_file = /etc/pki/tls/certs/server.key
I got the PositiveSSL certificate myotherdomain_com.crt from Namecheap when I registered myotherdomain.com; server.key was generated when I issued
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
The certificate is working when I use https on myotherdomain.com.
When I send an email with the mutt -f . command, while being in /home/vmail/myotherdomain.com/sales/Maildir, the email is sent from
I have a feeling that the MTA uses mydomain.club with the certificate, while it should use it with myotherdomain.com.
How can I resolve this issue?
1 Reply
All my domains contain an MX record for their mail that points to server.example.org (replace example.org with one of your domains)
Run postfix on server.example.org
Use a certificate for server.example.org (I just re-used my webserver cert for server, but you should be able to use a Let's Encrypt cert for server)
All mail from all domains then originates from server.example.org and the RDNS and certificates match and everyone is happy.
This works fine if you are not trying to hide that all your domains are related to the one server. I'm just a person, not a hoster, so it works for me and is simple to set up.
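The main.cf in the question sets only smtpd_* parameters, which configure Postfix's SMTP server (inbound mail); TLS on mail that Postfix sends is controlled by the separate smtp_* client parameters. The following check is an added example, not code from the thread or from Postfix: it reads main.cf text and reports the effective TLS level per direction, with hypothetical function names, a constructed sample built from the question's three lines, and the assumption that an unset level means the client does not attempt STARTTLS.

```python
import re

# Constructed sample: the three main.cf lines from the question.
SAMPLE_MAIN_CF = """\
# inbound (SMTP server) TLS settings
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/myotherdomain_com.crt
smtpd_tls_key_file = /etc/pki/tls/certs/server.key
"""


def parse_main_cf(text):
    """Parse main.cf text into a dict; the last assignment of a name wins."""
    params, name = {}, None
    for raw in text.splitlines():
        # Blank lines and lines whose first non-blank character is '#' are ignored.
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and name:  # leading whitespace continues the previous value
            params[name] = (params[name] + " " + raw.strip()).strip()
            continue
        m = re.match(r"([A-Za-z0-9_]+)\s*=\s*(.*)$", raw)
        if m:
            name = m.group(1)
            params[name] = m.group(2).strip()
    return params


def tls_level(params, prefix):
    """Effective TLS level for prefix 'smtpd' (inbound) or 'smtp' (outbound)."""
    level = params.get(prefix + "_tls_security_level", "")
    if level:  # a non-empty level overrides the legacy yes/no switches
        return level
    if params.get(prefix + "_enforce_tls", "no") == "yes":
        return "encrypt"
    if params.get(prefix + "_use_tls", "no") == "yes":
        return "may"
    return "none"  # assumption: nothing set means no STARTTLS is attempted


def audit(text):
    """Return the effective TLS level for each mail direction."""
    params = parse_main_cf(text)
    return {"inbound": tls_level(params, "smtpd"),
            "outbound": tls_level(params, "smtp")}


if __name__ == "__main__":
    print(audit(SAMPLE_MAIN_CF))
    print(audit(SAMPLE_MAIN_CF + "smtp_tls_security_level = may\n"))
```

On a live system, `postconf smtp_tls_security_level` shows the value Postfix is actually using.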