I think I have the primary mail domain setup correctly on on MIAB. Lets call this the primary domain jambuster DOT london
I have now added in a second mail domain and also think I have set that up correctly. MIAB claims it has all the right Lets Encrypt certificates for both the primary and second domains. Lets call the second domain robertwillett DOT com.
I can setup IMAP mail for the primary domain correctly using two different Mail clients, MailMate and Apple Mail.
When I try to setup a mail account for the secondary domain on either of the two mail clients, I get a certificate error. MIAB is returning the primary domain certificate rather than the secondary domain certificate.
e.g. I use NAME1 AT robertwillett DOT com, it makes a connection, I can see all the right settings apart from the wrong certificate is returned for validation (I think).
Now I am NOT using the internal DNS configuration as I have a load of other external servers that rely on DNS. However I went through the External DNS settings and transferred them to my external DNS provider. I assumed this was enough.
The IMAP configuration settings are the same for all domains hosted by the box — the same server name, your first domain — is used for all IMAP users regardless of their email address.
So this is the expected behaviour, and the SSL certificates for all the secondary domains are not used for mail purposes.
If we’d known that at the start, we’d have used a different, more generic domain as the first domain. Oh well, not the end of the world, we’ll see if we can fix it otherwise we’ll reinstall from scratch. We may end up doing that anyway to do a very clean build so we’ll chalk it up to experience.
We never noticed it or rather we read it an didn’t appreciate it Hindsight is wonderful
Not the worst cock up we have ever made. Only slight problem is the 15GB of mail we have just dumped into the system overnight
Now we know the problem, we’ll sort it out, at least the new mail server has 1GB links between the machines, so we can move the data around quickly as its inside the security perimeter.
