SNI for Mail Services
Idea shared by Virendra - 9/16/2019 at 6:53 AM
Under Consideration
With new Plesk Obsidian Release coming out and the beta with the below feature, 

SNI for Mail Services
Secure your SMTP, IMAP, and POP connections to the mail server using an SSL/TLS certificate. SNI support comes for both Postfix and MailEnable, allowing installation of individual certificates for each domain.

Is this something planned in smartermail for future release, as this would be a really most looked up feature,

many thanks,     

7 Replies

Reply to Thread
1
Kyle Kerst Replied
Employee Post
Hello Virendra, I do believe SNI based port bindings is something we have on our roadmap. I'll check with development on this and let you know what I find out. 
Kyle Kerst
Technical Support Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
1
Has there been any update to this? 
1
Kyle Kerst Replied
Employee Post
Sorry for the delay on this! SNI is something we have on our list for inclusion in the future, but there has not been an update on this just yet. In the meantime you can set up an SSL environment with something like LetsEncrypt in the meantime, as this will allow you to operate multiple hostnames on a single certificate, allowing you to have all users connect on that single secure port. 
Kyle Kerst
Technical Support Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
1
Hi,

The current limit is no more than 100 names in a SAN for Let's Encrypt. But we have more than 150 domains for now. This feature is even available on cPanel Exim. We cannot explain to customers that SmarterMail does not have this feature.  That's why we plan to continue with another mail server. We haven't purchased any updates for this feature for a long time. :( 

1
I vote for this feature too, because we have over 300 domains and this feature will be a very time saving tool!
0
All mobile devices force using SSL for mail settings. Users receive an error message because they use their incoming and outgoing server addresses as mail.domain.tld. It is not possible to define a common domain for each customer. We have difficulty in explaining this.
0
This is something we needed too. 

To work around it we had to setup a dovecot in proxy mode in front of smartermail as dovecot supports SNI. 
So the SSL negotiation is done by dovecot and then it transparently forwards the commands to the smartermail host.


Sébastien Riccio
System & Network Admin

Reply to Thread