azcunaga
By:
azcunaga

Setting up mail servers to use main domain's SSL certificate

November 3, 2014 2k views

Hi All,

I'd like to ask for you help in solving this issue. The server is Ubuntu 14, running with Virtualmin. I have the main website with e-mail service and I'm trying to set it all up with SSL encryption.

I used to have the MX records setup as mail.domain.com, but now with the certificate (which is regular, not wildcard), I would like to know it it is possible to set the mail server to use the same host as the main site (domain.com). This would mean a significant reduction in SSL certs costs.

I have tried to set this up changing only the DNS entries on my DO panel, and I can send e-mail, but I can's seem to receive it. Any clues as to what I should be looking for?

Or is it recommended to stick to the "mail.domain.com" mail server records and just get an additional cert for that domain (though once again, this is more expensive).

This is what I see in my /var/log/mail.log file when I try to send an e-mail to the server from gmail:

Nov 3 16:03:33 anagly postfix/smtpd[30999]: connect from mail-qa0-f51.google.com[209.85.216.51] Nov 3 16:03:33 anagly postfix/smtpd[30999]: E4B03E450E: client=mail-qa0-f51.google.com[209.85.216.51]
Nov 3 16:03:34 anagly postfix/cleanup[31001]: E4B03E450E: message-id= Nov 3 16:03:34 anagly postfix/qmgr[1990]: E4B03E450E: from=<***@gmail.com>, size=2401, nrcpt=1 (queue active)
Nov 3 16:03:34 anagly postfix/smtpd[30999]: disconnect from mail-qa0-f51.google.com[209.85.216.51] Nov 3 16:03:46 anagly postfix/local[31002]: E4B03E450E: to=<
@anagly.ph>, orig_to=, relay=local, delay=13, delays$ Nov 3 16:03:46 anagly postfix/cleanup[31001]: 1B277E4510: message-id=
Nov 3 16:03:46 anagly postfix/qmgr[1990]: 1B277E4510: from=, size=2529, nrcpt=1 (queue active) Nov 3 16:03:46 anagly postfix/local[31002]: E4B03E450E: to=<
@anagly.ph>, origto=, relay=local, delay=13, delays$
Nov 3 16:03:46 anagly postfix/qmgr[1990]: E4B03E450E: removed Nov 3 16:03:46 anagly postfix/smtp[31317]: connect to gmail-smtp-in.l.google.com[2607:f8b0:400e:c04::1a]:25: Network is unreachable
Nov 3 16:03:47 anagly postfix/smtp[31317]: 1B277E4510: to=, orig
to=<
***@anagly.ph>, relay=gmail-smtp-in.l.google.com[74$ Nov 3 16:03:47 anagly postfix/qmgr[1990]: 1B277E4510: removed

Many thanks

1 comment
Be the first one to answer this question.