Mail/DNS Configuration using customer domain not the mail server Hostdomain to connect

Discussion in 'Server Operation' started by Gerritdelange, Jul 16, 2024.

  1. Gerritdelange

    Gerritdelange New Member

    I all, my first post on here,
    I have a ISPConfig managed VPS where I host multiple web and e-mail domains.
    My DNS and name-servers are hosted at Cloudfare
    The good news - everything works :)
    I need to config my e-mail domains so that when the customer sets up his mail client he uses e.g mail.hisdomain.com and not my mail server host domain e.g ms1.serverflex.co.za. Currently IMAP and SMTP only works if I use ms1.serveflex.co.za
    I have tried all ways of DNS work around.
    Please help
     
    Gerritdelange, Jul 16, 2024
    #1
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    That's not recommended as it would mean that all subdomains must be in the central SSL cert of the server. So such a setup works only if you have very few customers and do not plan to grow. You can find such a setup here:

    https://www.howtoforge.com/securing...server-with-a-valid-lets-encrypt-certificate/

    The better approach, though, is what larger hosters do and what is the default in ISPConfig: You tell your customers to connect to a subdomain of your domain (e.g. mail.yourdomain.tld) and not their domain to connect to email. This will give you a more stable setup, your service can grow, the SSL cert renewal will not fail if a customer changes his DNS, and it will also strengthen your company's branding as a service provider.
     
    till, Jul 16, 2024
    #2
    ahrasis likes this.
  3. Gerritdelange

    Gerritdelange New Member

    Thank you till not what I wanted to hear :) but was what i expected
     
    Gerritdelange, Jul 16, 2024
    #3
  4. pyte

    pyte Well-Known Member HowtoForge Supporter

    In most cases the Mailclient itself tries to determine the server settings. Allthough there is no built-in way with ISPConfig you can acchieve this with some other software. This is what most customers want anyway, they just want to enter the E-Mailaddress and password in the client and everything else should happen automatically.

    email-autoconf is one example https://gitlab.com/onlime/email-autoconf
     
    pyte, Jul 16, 2024
    #4
    ahrasis and till like this.
  5. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Th0m, Jul 27, 2024
    #5
    pyte likes this.
  6. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    the OP's original plan can be done using SNI, both postfix and pure-ftpd fully support SNI now, so it should be possible to do this for both emails and ftp access. each domain would have it's own certificate, so no problem with having lots of domains and using letsencrypt.

    the only issue is it would currently have to be configured manually. ispconfig doesn't support it at the moment.
    it would be nice if it was supported configuration option in ispconfig, but that would be quite a bit of work, i expect the certificates would have to be stored in the db and passed between servers via mysql to allow for multi-server systems where the services for each domain are separated across different servers.
     
    nhybgtvfr, Jul 29, 2024
    #6
    ahrasis likes this.
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, ISPConfig would need a complete new cert management that allows certs to be created independently from websites, and they must be stored in the database.
     
    till, Jul 29, 2024
    #7
    ahrasis likes this.

Share This Page