Please, use the list for communication, others may be interested in this too.
Nospam2k <nospa...@gmail.com> (Mi 16 Okt 2019 08:05:05 CEST): > Perhaps I should go about this a different way. I am going to be hosting > multiple domains. Since it seems that $tls_in_sni is returning blank and/or > can be unreliable, what is the best way to handle things? To just use a > default domain for handling mail? For example, use mail.myhosting.com > <http://mail.myhosting.com/> for everything instead of mail.mysite.com > <http://mail.mysite.com/>? tls_in_sni *can* be blank, yes. Yes, we use *one* MX name for all the domains we host. That's what we do, yes. The SNI feature I'm only using, because we're in progress renaming the MX, so I'd like to support both certs, for the old MX name and for the new one. I wouldn't do that for many domains, as it doesn't scale well for millions of domains. You'd have to create a new cert for each domain you're about to host. I'm not sure if you want to do it. Yes, you can do it automagically, Even from within Exim. But the effort increments, as soon as you want to publish TLSA records and such, or wan't to obtain the certs from a public CA, or even both. Not impossible, but maybe PITA, depending on your ressources for setup, maintainance, monitoring and debugging. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/