Am 15.10.2012 15:25, schrieb Dominique: > On 15/10/2012 14:20, Wietse Venema wrote: >> Dominique: >>> I am trying to secure the mail service we have for other domains we >>> have, as all mail users will not access all mail domains. We have a >>> certificate for the current mail server connections (TLS). Each new mail >>> domain should have its own certificate, no ? >> You did not answer the question: why do you need per-domain SMTP >> server certificates? >> >> That is entirely separate from the question of why you need them >> on a single IP address. >> >> Wietse >> >> > Maybe there is something I dont understand, hence it seems I do not answer > the way you're expecting. If I have > various domains for various mail servers i.e. mail.domain1.com, > mail.domain2.com, mail.domain3.com do I not need a > certificate for each?
if it is the same server there is no need for "mail.domain1.com", "mail.domain2.com" as said this is not HTTP where the hostname matters you even do not need any mail.domain.tld-DNS record as said: "mail.yourdompany.com" is enough ____________ if you start with mail.domain1.com, mail.domain2.com, mail.domain3.com you have only a lot of useless work with DNS and in this case YES you need a matching certificate and if it is some sort of business all these certificates have to be sigend by a CA like Thawte which costs you a lot of money ____________ again: nobody needes different hostnames for the same mailserver except for useless beautiful names
signature.asc
Description: OpenPGP digital signature
