Allow access to the .well-known directory
Idea shared by Patrick Jeski - 1/4/2024 at 9:24 AM
In build 8684 and prior, it was possible to access the .well-known directory in MRS to facilitate things like policy files (and i *think* BIMI images, but mine was in the root of MRS). The new version breaks this, now my BIMI no longer works and and my efforts to implement MTA-STS have been halted. It would be nice to be able to host files related to SmarterMail on the site as before.

2 Replies

Reply to Thread
I would like to take this opportunity to mention that it is important to exclude the .well-known directory from an HTTPS redirect and keep it accessible via port 80 so that Let's Encrypt can continue to check the challenge in it even if HTTP to HTTPS forwarding is activated.
As an update:
I copied my BIMI image and my .well-known folder from C:\Program Files (x86)\SmarterTools\SmarterMail\MRS to C:\Program Files (x86)\SmarterTools\SmarterMail\Service\wwwroot and everything works, my domain passed the MTA-STS checker, my BIMI image works again and all seems well at the moment. My policy file is available both http and https, so .well-known is apparently excepted from the redirect.

BUT: I am not using automatic certificates in SmarterMail as I have Certify the Web setup for my automatic renewals. If I were to enable SmarterMail Automatic Certificates, I'm not sure the internally generated .well-known would include files from wwwroot/.well-known

I do know that creating a virtual directory in IIS does NOT work, and IIS sees MRS as the site root folder.

Reply to Thread