Hi, I am just wondering how a efficient setup for TLS/DNS for exim looks like:
Right now I have an A entry in the DNS server for smtp.<domain> and a letsencrypt certificate as well. If I setup a new server and call it SMTP2, I need to reconfigure this in all my email clients. If I install the SMTP certificates, testing is somewhat limited, since the DNS entry still points to another server and I would need to fake this. Does anybody know if I can have a certificate for <hostname>.<domainname> and use for smtp a CNAME? The advantage I would see is that I can have a fully functional config and with disabling the SMTP name on the old system and changing the CNAME in the DNS system, I could be done. Does anybody now if the standard email clients can handle the situation in which them get as SMTP server a cname and as certificate the <hostname> the SMTP cname points to? Many thanks Rainer -- Rainer Dorsch http://bokomoko.de/
