Hi ISPConfig team and community, First of all, thanks for the amazing work on ISPConfig! It’s a fantastic control panel and makes server management so much easier. I recently spent some time fixing a common issue and thought it would be a great addition to the core features: Automatic Mail SNI (Server Name Indication) for Postfix and Dovecot. The Problem: In multi-domain setups, mail clients (like Thunderbird or Outlook) often throw "Certificate Mismatch" warnings when users try to use their own domain (e.g., mail.customer-domain.com) as the mail server. By default, ISPConfig mostly presents the global ispserver.crt. My Workaround (The Manual Way): I managed to solve this by manually setting up SNI: 1. Creating local_name blocks in Dovecot (/etc/dovecot/conf.d/...) pointing to the LE certificates in /var/www/domain.tld/ssl/. 2. Creating a sni_maps file for Postfix and linking it in main.cf via tls_server_sni_maps. 3. Adjusting folder permissions so that mail services can actually read the web-SSL directories. The Feature Request: It would be awesome if ISPConfig could handle this automatically! Possible implementation: A checkbox in the Website SSL tab or the Mail Domain settings like "Enable Mail SNI". If checked, ISPConfig could automatically update the Postfix sni_maps and Dovecot local_name configurations whenever a Let's Encrypt certificate is renewed or created. This would eliminate certificate warnings for end-users and make the hosting experience much more professional out-of-the-box. What do you think? Is this something that could be added to the roadmap? Keep up the great work! Best regards
