1 (edited by rinze 2020-03-10 20:33:35)

Topic: Add customer subdomain in DNS pointing to mail server?

Hi,

I have an iRedMail server running on mail.mydomain.com.
I would like my customers to connect to mail.customerdomain.com in their mail config and end up at the same mail server.
Is adding A and AAAA records enough? Or do I need to do more like certificate stuff?

Regards,

Rinze


2

Re: Add customer subdomain in DNS pointing to mail server?

You don't need to do anything; they need to set up their MX record pointing to your server.

3

Re: Add customer subdomain in DNS pointing to mail server?

I get the MX records. But I want their email clients to connect to mail.customerdomain.com instead of mail.mydomain.com

4

Re: Add customer subdomain in DNS pointing to mail server?

Why? Then THEY need to add YOUR DNS A/AAAA record for mail.customerdomain.com and point the MX to mail.customerdomain.com instead of pointing it directly to your mail.mydomain.com

5

Re: Add customer subdomain in DNS pointing to mail server?

rinze wrote:

I get the MX records. But I want their email clients to connect to mail.customerdomain.com instead of mail.mydomain.com

You need to point the A record of mail.customerdomain.com to your server IP address, and also request an SSL cert for this domain, so that there is no SSL warning in the MUA.

But as @Cthulhu says, if you and your customers don't mind, using your mail.mydomain.com as the server address in their MUA will be the easiest thing, with less maintenance. It's all up to you.

6

Re: Add customer subdomain in DNS pointing to mail server?

Well, the mail server will always answer with only one HELO and one cert, so it is best if the EHLO, the IP PTR and also the MX record for each domain point to the correct record; then you only need one cert for the mail server, matching the HELO.

7

Re: Add customer subdomain in DNS pointing to mail server?

So, example:

@ MX -> mail.server1.tld
mail.server1.tld A 123.123.123.123
mail.server1.tld AAAA 2a02:810b:b4a:1234:85a2::1

Ensure that both the A and AAAA records have a valid PTR which matches mail.server1.tld.

Use a valid TLS cert for your server matching mail.server1.tld, and ensure that the server HELO also matches this PTR (default by config if you didn't mess anything up after installation).

Then, for another domain, all you need is:

@ MX mail.server1.tld

You don't/they don't need more, and it is way easier than your desired solution.

8

Re: Add customer subdomain in DNS pointing to mail server?

Cthulhu wrote:

Why? Then THEY need to add YOUR DNS A/AAAA record for mail.customerdomain.com and point the MX to mail.customerdomain.com instead of pointing it directly to your mail.mydomain.com

The reason why is the number of mail clients the customer has. At this moment the email is hosted by another party. The email clients are connecting to mail.customerdomain.com, which only has an A and AAAA record in DNS.
I'm going to take ownership of customerdomain.com and would like to make sure that mail.customerdomain.com still works the same as it does now, so that I don't have to change any settings, given the fact that I'm also setting their current passwords to the mailboxes with the migration.

9

Re: Add customer subdomain in DNS pointing to mail server?

ZhangHuangbin wrote:
rinze wrote:

I get the MX records. But I want their email clients to connect to mail.customerdomain.com instead of mail.mydomain.com

You need to point the A record of mail.customerdomain.com to your server IP address, and also request an SSL cert for this domain, so that there is no SSL warning in the MUA.

But as @Cthulhu says, if you and your customers don't mind, using your mail.mydomain.com as the server address in their MUA will be the easiest thing, with less maintenance. It's all up to you.

In some way using mail.mydomain.com would be easy, but I want to stay flexible in moving around domains and mailboxes to other servers. If I can move mailboxes and adjust 2 DNS records (A and AAAA), the customer won't even notice that I've moved their mailboxes.

That SSL cert, where should it be added, in which component that iRedMail uses?

10

Re: Add customer subdomain in DNS pointing to mail server?

If you use Let's Encrypt, it's quite easy to handle this. Just make sure you request (only one) cert for all server addresses, including your server hostname, the server address used by your client's MUA (mail.customerdomain.com), also point A type DNS record of "mail.customerdomain.com" to your server IP address, then it's gonna be perfect, no MUA side change required, (mail) connections are secure and no SSL cert warning.
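
An added example, not part of the original thread and not iRedMail code: a pre-migration check that the single certificate's SAN list covers every address an MUA will use, plus a live handshake helper. The sample certificate, the extra name mail.customer2.example and port 993 (IMAPS) are assumptions; the wildcard rule is a simplified form of RFC 6125 matching.

```python
import socket
import ssl

# Constructed sample, in the shape ssl.SSLSocket.getpeercert() returns.
SAMPLE_CERT = {
    "subjectAltName": (
        ("DNS", "mail.mydomain.com"),
        ("DNS", "mail.customerdomain.com"),
    )
}

def san_dns_names(cert):
    """DNS names listed in the certificate's subjectAltName."""
    return [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]

def name_matches(pattern, hostname):
    """A wildcard is accepted only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Reject patterns like "*.com" and never span more than one label.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def uncovered(cert, hostnames):
    """Hostnames for which an MUA would show a certificate warning."""
    sans = san_dns_names(cert)
    return [h for h in hostnames if not any(name_matches(s, h) for s in sans)]

def tls_error(host, port=993, timeout=5):
    """Handshake as an MUA would; None means the cert verified for host."""
    ctx = ssl.create_default_context()  # CA and hostname checks stay on
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return None
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        return str(exc)

if __name__ == "__main__":
    names = ["mail.mydomain.com", "mail.customerdomain.com",
             "mail.customer2.example"]
    print("not covered by cert:", uncovered(SAMPLE_CERT, names))
```

Run `tls_error()` against each customer hostname after the A/AAAA records are switched; any non-None result is what the customer's mail client would report.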