Am 07.11.2014 um 02:52 schrieb Peter:
On 11/07/2014 11:35 AM, Sven Köhler wrote:
I don't have the option to buy one IP per hostname that I want to
support. As we all know, IPv4 addresses are expensive as they are not
many of them left.
The current best practice method in dealing with this is is you just
have one hostname for submission (smtp.provider.tld) instead of one per
domain, then everyone is instructed to use the one domain for submission
(and likely for fetching email via IMAP as well, but that's off-topic
for postfix)
and it is smart do it that way
other than for webservers you have not different contents for different
hostnames but mandatory user authentication - so why waste time and
money dealing with different hostnames and certificates?
even a multi-domain certificate is a nightmare when you get new domains
and need to replace it every time and even if SNI would be supported you
likely will not have much luck with client support (and no users don't
use up-to-date software all the time - sad but true)
until now nobody was able to tell me any benefit of multiple server
names for a mailserver instead 1 hostname, 1 certificate and 1 PTR
matching the A-record and HELO name with 100, 200, 300, 500 MX records
in different domains pointing there
