Virtual server on a subdomain which is hosting a mailserver on a subdomain...from another domain

Hi there!
I think I’m over my head with this project but I feel I’m close enough to make complete

I will deploy the config of my current setup
I have a domain, let’s call it, on a shared hosting
I have created a subdomain on and added the A record so that the subdomain points to the ip address x.x.x.x I was given from the VPS hosting
I have installed the following on my VPS with the LEMP option.
CentOS Linux 7.7.1908
Webmin version 1.941
Usermin version 1.791
No website or mail server is being used on this subdomain.
Later I acquired a second domain on another shared hosting for a small website.
I wanted to pass the mail hosting part of this hosting to my VPS, so I created a virtual server on the VPS with the name and added the A and MX records for the and to point to the VPS.
this is a redacted version of my dns records on
NS A x.x.x.x (dns from hosting)
NS A x.x.x.x (dns from hosting)
A x.x.x.x (dns from hosting)
A x.x.x.x (vps ip)
MX (10)
A x.x.x.x (vps ip)
A x.x.x.x (dns from hosting)
CNAME
TXT v=spf1 +a +mx -all
TXT v=DMARC1; p=none
CNAME
A x.x.x.x (vps ip)
A x.x.x.x (vps ip)

and now comes the tricky part…
Virtualmin configured most of the parts alone for the new virtual server. I configured it to get a Let’s Encrypt cert for and created the nginx rule to return the https instead of the http site, then I installed roundcube in public_html, so I can access it from the webmail subdomain.
and below are the DNS records on the vps for the virtual server

 $ttl 38400
@	IN	SOA (
			38400 )
	IN	NS
	IN	NS
	IN	A	x.x.x.x (ip from hosting2)
	IN	A	x.x.x.x (ip from hosting2)
	IN	A	x.x.x.x (ip from hosting2)
	IN	A	x.x.x.x (ip from hosting2)
	IN	A
	IN	A	x.x.x.x (vps ip)
	IN	A	x.x.x.x (vps ip)
	IN	MX	5
	IN	TXT	"v=spf1 a mx ip4:x.x.x.x (vps ip) ~all"
	IN	TXT	"v=DMARC1; p=none; pct=100;;"
	IN	A	x.x.x.x (vps ip)
	IN	A	x.x.x.x (vps ip)
	IN	TXT	( "v=DKIM1; k=rsa; t=s; p=long_key_here"
	"very_long_key_here_5" )
	IN	TXT	"v=spf1 a mx ip4:x.x.x.x (vps ip) ?all"

what I have accomplished so far?
I can send and receive e-mails from within roundcube…I can have thunderbird use autoconfigure to get most of the settings for the mail service.
The spf1 and DMARC records from the DNS help so that my e-mails are not considered spam on google.
when thunderbird is asking for a certificate I’m getting the certificate!
if I use the mxtoolbox service to check the mail server on (not it is getting a response from the actual mail server and not the one defined on the MX record.
I selected CRAM-MD5 and DIGEST-MD5 on dovecot and upon hitting the apply button it crashes and I have to restart the VPS for dovecot to recover. Although I have removed these options, I’m experiencing a strange behavior: although Dovecot is running, the server dashboard and Dovecot configuration page say that it is NOT running.

[root@vpsdomain1 user]# systemctl status dovecot.service
● dovecot.service - Dovecot IMAP/POP3 email server
   Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Mon 2020-02-03 21:42:19 EET; 28min ago
     Docs: man:dovecot(1)
  Process: 2577 ExecStop=/usr/bin/doveadm stop (code=exited, status=75)
  Process: 4081 ExecStart=/usr/sbin/dovecot (code=exited, status=89)
  Process: 4075 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
 Main PID: 1479 (code=exited, status=0/SUCCESS)

Feb 03 21:42:19 systemd[1]: Starting Dovecot IMAP/POP3 email server...
Feb 03 21:42:19 dovecot[4081]: master: Fatal: Dovecot is already running with PID 3674 (read from /var/run/dovecot/
Feb 03 21:42:19 dovecot[4081]: Fatal: Dovecot is already running with PID 3674 (read from /var/run/dovecot/
Feb 03 21:42:19 systemd[1]: dovecot.service: control process exited, code=exited status=89
Feb 03 21:42:19 systemd[1]: Failed to start Dovecot IMAP/POP3 email server.
Feb 03 21:42:19 systemd[1]: Unit dovecot.service entered failed state.
Feb 03 21:42:19 systemd[1]: dovecot.service failed.

thank you in advance if you can help me with anything!

just an update to my situation…
searching through the forums I managed to fix the certificate on thunderbird issue by fixing the entries in the dovecot.conf file
the system had made entries with local_name and but not one for the since it didn’t know about it…(my fault because of the name of the virtualserver!)
so now I have
local_name {
  ssl_cert = </home/domain2/ssl.cert
  ssl_key = </home/domain2/ssl.key
  ssl_ca = </home/domain2/
}
local_name {
  ssl_cert = </home/domain2/ssl.cert
  ssl_key = </home/domain2/ssl.key
  ssl_ca = </home/domain2/
}

Also Dovecot now seems to work OK for no apparent reason!
so two problems down…
I would like some help on my DNS configuration, for someone to tell me if I can make it any better.
Any help is appreciated, since it’s my first build and still learning…
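
Added example (not part of the original posts): a small Python check that reads SPF and DMARC TXT values like the ones quoted in the thread and reports what each one asks receiving servers to do. The function names are made up for this example and 192.0.2.10 is a constructed placeholder for the redacted VPS address.

```python
# Added example, not from the original post. Sample values mirror the records
# quoted in the thread; 192.0.2.10 is a constructed placeholder address.
SPF_ALL = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def lint_spf(txt):
    """Return (result for senders no mechanism matched, findings)."""
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        return None, ["not an SPF record"]
    for term in terms[1:]:
        qualifier = term[0] if term[0] in SPF_ALL else "+"  # default is '+'
        if term.lstrip("+-~?").lower() == "all":
            result = SPF_ALL[qualifier]
            break
    else:
        # No 'all' term found (redirect= is out of scope here).
        return "neutral", ["no 'all' term: unmatched senders get neutral"]
    findings = []
    if result in ("pass", "neutral"):
        findings.append(f"'all' yields {result}: record does not restrict senders")
    elif result == "softfail":
        findings.append("'~all' yields softfail: a weak signal, not a fail")
    return result, findings

def lint_dmarc(txt):
    """Return (tags, findings) for one DMARC TXT value."""
    parts = [p.strip() for p in txt.split(";")]
    tags = {k.strip().lower(): v.strip()
            for k, v in (p.split("=", 1) for p in parts if "=" in p)}
    if tags.get("v") != "DMARC1":
        return tags, ["not a DMARC record"]
    findings = []
    if parts.count("") > 1:  # a single trailing ';' is allowed
        findings.append("doubled ';' leaves an empty tag; strict parsers may reject it")
    if tags.get("p", "").lower() == "none":
        findings.append("p=none requests no action on failing mail")
        if "rua" not in tags:
            findings.append("no rua= tag: no aggregate reports are requested")
    return tags, findings

if __name__ == "__main__":
    for rec in ("v=spf1 +a +mx -all",
                "v=spf1 a mx ip4:192.0.2.10 ~all",
                "v=spf1 a mx ip4:192.0.2.10 ?all"):
        print(rec, "->", lint_spf(rec))
    for rec in ("v=DMARC1; p=none", "v=DMARC1; p=none; pct=100;;"):
        print(rec, "->", lint_dmarc(rec)[1])
```

Of the three SPF values in the thread, only the `-all` one comes back without findings; both DMARC values are flagged for `p=none` with no `rua=` tag.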