asking for some opinion regarding domain SNI support in postfix & dovecot. apparently i am using a manual way to do it, Create a site call mail.example.com and enable Letsencrypt SSL, & add DocumentRoot "/var/lib/roundcube/public_html" Alias "/stats" "{DOCROOT}/stats"to Apache Directives for Roundcube webmail. Added in /etc/postfix/main.cf tls_server_sni_maps = hash:/etc/postfix/domain_ssl.map/etc/postfix/domain_ssl.map mail.example.com /var/www/mail.example.com/ssl/mail.example.com-le.key /var/www/mail.example.com/ssl/mail.example.com-le.crtrun "postmap -F hash:/etc/postfix/domain_ssl.map && systemctl restart postfix" create /etc/dovecot/conf.d/99-ispconfig-custom-config.conf local_name mail.example.com { ssl_cert = </var/www/mail.example.com/ssl/mail.example.com-le.crt ssl_key = </var/www/mail.example.com/ssl/mail.example.com-le.key }restart dovecot and create a bash script to run "postmap -F hash:/etc/postfix/domain_ssl.map && systemctl restart postfix" and add the script to post-hook for acme.sh cron job. need clarification if i am doing it a correct way for ISPConfig or there is a better way to do it coz i don't find anything in the web gui. it's pretty troublesome to do it every time when create a new mail domain.
ISPConfig does not support SNI for email yet, so there is no right or wrong way at the moment. We plan to implement it in a future version. You are using the right custom config file, so that's good as it makes your changes update safe.
