On 10/6/2008, Jorey Bump ([EMAIL PROTECTED]) wrote:
> If the name resolves, they'll connect to your server. However, if you're
> going to offer STARTTLS, you have a problem. How are you going to
> support all of these different domains in a single certificate?
> Currently, you can't, so you'll need to pick a name (mail.example.com)
> for your SMTP/IMAP/POP3 server and stick with it. Otherwise, you'll need
> to use a more complicated approach, such as multiple instances each with
> their own certificate.
> 
> Users can't infer the server settings from an email address, so you'll
> have to explicitly provide it, anyway. The problems caused by the wrong
> certificate are likely to create more support calls.

Ok, thanks, that was my next speed bump.

I use self-signed certs, and since my instructions already explain in
detail about the 'warning' (man, I really hate how Firefox 3 reacts to
self-signed certs now), I was hoping that it wouldn't matter that the
domain name didn't match, that TBird would react the same way (warning
me, but letting me accept the cert anyway).

If it won't, you're right, I'll have to just make do with a single
server name (no problem really, but I'd prefer to use domain specific
ones if possible)... so let's go see...

Cool, it works... :) guess there's no better answer available that just
trying it out won't give...

Now all that's left is to try it from outside the network, and I have to
wait for the MX records to get set up (using outsourced anti-spam
provider for incoming mail)...

-- 

Best regards,

Charles
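
The name mismatch discussed in this thread, as an added example that is not part of the original messages: a check of which per-domain server names a mail client would flag against a certificate issued for a single name. The certificate dict follows the layout returned by Python's `ssl.SSLSocket.getpeercert()`; all host names are constructed, and the matcher is a simplified sketch of the usual rules (exact match, or a wildcard as the entire leftmost label).

```python
# Added example: which server names would trigger a certificate name-mismatch
# warning in a mail client. Host names and the certificate are constructed.

def cert_dns_names(cert):
    """Return the DNS names a certificate is valid for.

    `cert` uses the dict layout of ssl.SSLSocket.getpeercert(). DNS entries in
    subjectAltName take precedence; the subject commonName is only a fallback
    for certificates without a DNS subjectAltName (older self-signed certs).
    """
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]


def name_matches(pattern, host):
    """Case-insensitive match; '*' is honoured only as the entire leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 2:
        # A wildcard covers exactly one non-empty label, never a bare TLD.
        return p[1:] == h[1:] and h[0] != ""
    return p == h


def mismatched_names(cert, hosts):
    """Return the hosts for which no certificate name matches."""
    names = cert_dns_names(cert)
    return [h for h in hosts if not any(name_matches(n, h) for n in names)]


# Constructed sample: one self-signed certificate, several hosted domains.
SAMPLE_CERT = {"subject": ((("commonName", "mail.example.com"),),)}
HOSTED = ["mail.example.com", "MAIL.EXAMPLE.COM.", "mail.example.net", "mail.example.org"]

if __name__ == "__main__":
    for host in mismatched_names(SAMPLE_CERT, HOSTED):
        print("client would warn: certificate is not valid for", host)
```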
