wolstech Posted May 3, 2025 Posted May 3, 2025 That works. If it will only be used for personal use and not for bulk email, 100/day should be plenty. Limit increased. Note that multiple recipients on a message do count as their own email (for example, if I send one email to 4 friends about a party...that counts as 4 emails in our system, not 1).
giuliodinatale Posted May 3, 2025 Posted May 3, 2025 Thank you very much, I'll wait these two hours or i'll do it tomorrow if it's already late here, if I still have problems with the imap I'll answer in this ticket if it's not a problem for you, if not I'll open another one
wolstech Posted May 3, 2025 Posted May 3, 2025 You're welcome. You can just reply here if you have additional concerns tomorrow
giuliodinatale Posted May 3, 2025 Posted May 3, 2025 Is it possible to obtain a valid SSL certificate specifically for mail.giuliodinatale.it? Currently, the certificate is only valid for giuliodinatale.it. If I can get a certificate for the mail subdomain, I could point my mail services (IMAP) to mail.giuliodinatale.it and put my main website back behind Cloudflare’s proxy without losing their protection. Is that a viable solution? Because when I disable the Cloudflare proxy on the A record for giuliodinatale.it, everything works fine — but when I enable the proxy, nothing works. Why does this happen?
wolstech Posted May 3, 2025 Posted May 3, 2025 Yes it is. I've added it as an alias for you and reissued your certificate to include it. If you look in Plesk you'll see it as an alias and under the SSL settings you'll see that it's now secured. You'll need to wait another 2 hours for the new cert to take effect so its actually covered. The cloudflare proxy cannot pass IMAP or SMTP traffic, so any domain you enable that on will not work with a mail client. You can still receive mail at addresses on a proxied domain though (the MX record is what's used to deliver mail to a domain).
giuliodinatale Posted May 4, 2025 Posted May 4, 2025 Okay thank you very much, we did it, now the last thing I really ask you is: In the DNS MX Record as a value should I point to the Record A mail.giuliodinatale.it or leave morty.heliohost.org? Because I have already switched to mail.giuliodinatale.it as an MX record and it seems that it is working both in receiving and sending (Obviously sorry for the time)
giuliodinatale Posted May 5, 2025 Posted May 5, 2025 I get it every night at 2am, is this email from let's encrypt normal or not? Can I ignore it or do I have to do something? Could not secure domains of giuliodinatale (login giuliodinatale) with Let`s Encrypt certificates. Please log in to Plesk and secure the domains listed below manually. Securing of the following domains has failed: ** 'giuliodinatale.it' ** Missed domain names failed to pass validation: www.mail.giuliodinatale.it The following domains have been secured without some of their Subject Alternative Names: <none> Could not renew Let`s Encrypt certificates for giuliodinatale (login giuliodinatale). Please log in to Plesk and renew the certificates listed below manually. Renewal of the following Let`s Encrypt certificates has failed: <none> The following Let`s Encrypt certificates have been renewed without some of their Subject Alternative Names: <none> Legend: [+] This domain is secure. The domain's SSL/TLS certificate from Let`s Encrypt has been issued/renewed. [-] This domain is not secure. Either the domain's SSL/TLS certificate from Let`s Encrypt could not be issued/renewed or the domain name was excluded from the certificate. Renew the certificate manually or request a new one to secure this domain.
wolstech Posted May 5, 2025 Posted May 5, 2025 It's because you don't have a DNS record for www.mail in your zone. Plesk just assumes every domain has a www version. Realistically, you're never going to use that address, but if you create an A record called www.mail and point to the same IP as mail, it should stop.
giuliodinatale Posted May 5, 2025 Posted May 5, 2025 Is it still ok if it's a cloudflare proxied address like the others?
wolstech Posted May 5, 2025 Posted May 5, 2025 Being part of the mail subdomain, I wouldn't recommend it. The certificate also likely won't issue with the proxy on because it won't be able to verify the domain.
wolstech Posted May 5, 2025 Posted May 5, 2025 Create a DNS record called www.mail in CF, type A, target 65.19.154.94. Leave the proxy disabled on it. Wait overnight and see if the certificate issues (you'll get an email saying it secured the domain if so).
Recommended Posts