On 2013-02-08 11:04, Reindl Harald wrote:
Am 08.02.2013 10:47, schrieb Markus Grunwald:
But then the hostname for the virtual domains won't match, won't it?
Can I use the certificate for *.the-grue.de for *.virtualdomain.de?
jesus christ so tell your customers use 'mail.the-grue.de' as
hostname
what benefit do you have from different hostnames?
this is not a apache webserver with different content depending on
the hostname, and even there you need a IP per ssl host as long
WinXp is alive
and yes this works even with business users
been there, done that, doing that since years for some hundret
domains
Quite obviously using a generic mailhost for other
vhosts/virtualdomains is
the current solution, and works.
What Markus is describing, namely completely seperating each virtual
domain towards
the end user, so that it's possible for a user to benefit from only
having to
remember a single [username, domain, password] triple for TLS encrypted
access to
an account, is not a completely unreasonable Idea.
It works for http (if, as you pointed out, excluding WinXP is an
option, depends
on the userbase), it works for xmpp and while it doesn't work for
mailsubmission
or retrival, it would be nice if it did.
I for one am waiting client support for SNI, IPv6 or mail submission
SRV Records,
or whatever other puzzlepiece to the solution for this problem.
Assuming "E-Mail" will stll exist when that happens...
