As multiple closing brackets were missing, dovecot didn’t restart after reboot today.
BTW: the “my-domain” and “other-domain” lines (marked in orange) must have been
set wrongly some time before.
Just want to know: as we don’t need these cert lines in dovecot.conf anyway,
is there a setting to switch this behaviour of virtualmin off? I mean - we need
only the mail server’s cert in dovecot and no other.
PS: resolved this by manually removing the superflouus lines. Versions:
I don’t think there is any way to disable it, but I think our priority is fixing it so it doesn’t break Dovecot, and as far as I know, it is fixed. But, if there are still issues, we need to figure out what they are.
But, then again, I do think “one main domain” is still a better and more manageable/reliable practice for mail for most users, so maybe we do need an option to not setup SNI for dovecot.
Funny this, my entire mail server went offline because somehow virtualmin mysteriously removed a closing bracket off the end of a single domains ssl directives . I cant believe it, how does this happen from an update exactly?
You could attempt to say i did it, however the mail server config file was auto generated and i havent touched it. By manually adding in the mysteriously missing closing bracket for that one domain resolved the issue immediately and the mail server starter working again.
Ok, thanx for your answer - I’ve always setup my servers so that I use only one mail server, and never had to think about the other certificates in dovecot.conf up to now. This “one mail server” has only one drawback AFAIK: if you move only one domain from a server to another, imap/pop3/smtp entries on the clients (and perhaps mx) have to be changed, too.
The good thing is: With one mail server, you have IMHO a better reputation and do need
only one feedback loop per big provider. Usually, if the mail server has only one IP - and sureley only one reverse dns - the mails of all hosted domains comes from this mailname/postfix server domain. So I found it always easier to adjust the autoconfig files with this single server name. If all domains
move to another host, may be you have a failoverip anyway and can move it along, too.