TLSA DANE DNS records

Hi guys,

I’m wondering if there is a way to do this when hosting multiple domain’s mail server aliases on a single postfix server.

Since postfix only use’s a single set of SSL keys is it possible not to get a mismatch with a TLSA DANE DNS record check for additional mail domains?

Cheers

Use a single domain as your mail MX.

Virtualmin is configured in postfix to use domains individually though?

I don’t know what you mean by that.

I simply set the MX in my DNS records and mta-sts to point to a single “master” domain.

All the other domains also get a perfect score at the DANE validator.

Seems to have sorted itself out after the certificates renewed. :+1: :+1: