Hello Virendra, I do believe SNI based port bindings is something we have on our roadmap. I'll check with development on this and let you know what I find out. 

Has there been any update to this? 

Sorry for the delay on this! SNI is something we have on our list for inclusion in the future, but there has not been an update on this just yet. In the meantime you can set up an SSL environment with something like LetsEncrypt in the meantime, as this will allow you to operate multiple hostnames on a single certificate, allowing you to have all users connect on that single secure port. 

Hi,

The current limit is no more than 100 names in a SAN for Let's Encrypt. But we have more than 150 domains for now. This feature is even available on cPanel Exim. We cannot explain to customers that SmarterMail does not have this feature.  That's why we plan to continue with another mail server. We haven't purchased any updates for this feature for a long time. :( 

I vote for this feature too, because we have over 300 domains and this feature will be a very time saving tool!

All mobile devices force using SSL for mail settings. Users receive an error message because they use their incoming and outgoing server addresses as mail.domain.tld. It is not possible to define a common domain for each customer. We have difficulty in explaining this.

This is something we needed too. 

To work around it we had to setup a dovecot in proxy mode in front of smartermail as dovecot supports SNI. 

So the SSL negotiation is done by dovecot and then it transparently forwards the commands to the smartermail host.

https://wiki.dovecot.org/SSL/DovecotConfiguration#With_client_TLS_SNI_.28Server_Name_Indication.29_support  

Hello all,

 

I want to provide an update on the SNI feature request for SmarterMail. We have been in the process of implementing SNI in SmarterMail, along with dynamic certifications from SSL providers like Let's Encrypt or ZeroSSL. However, we ran into a limitation with the .NET Standard Framework that will not allow us to integrate at this time. To fully implement SNI support, it will require a transition to .NET Core.

 .NET Core is on our roadmap and will also enable Linux integration for SmarterMail. Now that we've found that SNI requires it, it will urge us to move this up transition even more.

 

So, we are now reconsidering our plan for the remainder of the year and will share more information shortly. (The joys of constantly changing technologies!)

Thank you,

Hello,

is there any update on this feature?

we are waiting news on this feature too...

You can add another 100-domain SAN by adding another IPv6/Legacy IP address to the host running SmarterMail then configuring a specific binding for that IPv6/Legacy IP address to a specific certificate; remember that you need to create the binding in both the SmarterMail configuration *and* the host IIS configuration.

All you need to do then is to make sure that hostnames point to the specific IPv6/Legacy IP address that serves the certificate for that hostname.

This works well for me with SmarterMail v17 and Windows Server 2016.

Thanks for the tip, but we are hosting multiple Smartermail servers with 500+ domains, constantly adding new and deleting old ones, so unfortunately this is not an optimal solution for us. 

An ETA for this feature would be nice.

We are still experiencing a similar problem. We want to move forward with Smartermail. I hope an effective solution will be found as soon as possible. SmarterMail is the most suitable solution in terms of license and infrastructure costs.

HI,

Any news from this? 

Regards,

SR

Hi,

Unfortunately, years have passed on a very important issue, but SmarterMail has not made any headway. We are tired of telling every customer that they must use a server hostname. 

How long will it take more?

An update in this matter would be appreciated.

Finally, SmarterMail offered a solution to this issue in the new version. Thanks a lot :) 

Yes but its allready there in IIS for the site Smartermail is using.

We run SNI here....

Hello everyone

Yes, SNI for HTTP/HTTPS requests is one thing, but I'm also more interested in all the protocols such as SMTP/S, POP3/S, IMAP4/S, etc. with SNI support so that each customer has their own certificate, for example with Let's Encrypt can be generated. Or was it not intended to go that far?

Hey Roger, 

Thanks for the question. That was one of the main points of SNI. It does indeed work with the protocols. We are still working out some of the kinks and some changes are coming so I think you should wait until the next update before giving your full review. 😁

Thanks,