All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Unbranded mxroute - How to rebrand
Hi there,
I grabbed (another) mxroute account during Cyber Monday. It has been provisioned on an unbranded server.
So question is, how can I rebrand it to my own domain? @jarland mentioned, that AutoSSL was available via cpanel (see https://www.lowendtalk.com/discussion/130487/mxroute-email-hosting-black-friday-starting-at-5-year), but since he also mentioned not to ask him to setup custom hostnames, I'm asking here instead :-)
What I did so far:
- Set an A record for mail.mydomain.tld, pointing to the server's IPv4
- Setup AutoSSL for mail.mydomain.tld
Connecting with HTTPS to port 2083 (cpanel) or 2096 (webmail) works and the server presents the correct certificate. However, when I use openssl s_client to connect with STARTTLS to the SMTP or IMAP servers on mail.mydomain.tld it will present mxroute's wildcard certificate that of course does not cover mail.mydomain.tld.
Is there any way to have mydomain.tld's MX record point to its own mail subdomain? Even if it would present the correct certificate, it still sends the original hostname with EHLO. Would that be a problem for mail delivery?
Did anybody try to configure something like this? Or is it really just intended for rebranding the webmail server?
Cheers,
Michael
Comments
Would you be kind enough to remove the server hostname? It's no longer as unbranded if it's published.
Sure, sorry about that..
Thanks
I do intend to document this process soon btw. By soon I'm kind of hoping this week, but it's hard to say for sure.
Ok, apparently I'm just too stupid to use openssl s_client properly. I assumed that it would also use the connect host for TLS SNI, but it doesn't. After also specifying -servername mail.mydomain.tld, the IMAP and SMTP server present the Let's Encrypt certificate for mail.mydomain.tld :-)
So only one question remains: is it a problem that SMTP server identifies itself with the mxroute Domain upon connection? Does any MTA implementation check this against the MX for the domain?
That'll be expected as it should be declaring the server hostname there. Reasons like that will be why I've used another domain and not published it, to give just a bit more "white label" feel.
@jarland, did you have a chance to document this process? I'm interested as well.
I've looked at the Knowledge Base and I couldn't find it.
No, agentmisha avatar was top priority
I can't argue with that. ;-)
guys ! let @jarland to take his own vacations with 2-3 sisters , hi just relese administrator role here so the guy is with beers-sisters now ... like me and my @nekki !
jarland is already busy with his new forum
Guys feel free to open a ticket should you need any help
Cheers!
@hostdare, What forum is that?
highendchat.com right @jarland?
It actually works exactly like I described above: set an A record for a subdomain to point to the mxroute server and use AutoSSL in cpanel to create a certificate for it. Make sure to create a Let's Encrypt certificate, not a self-signed certificate. Afterwards you can connect to the SMTP and IMAP server using your own subdomain. You can also test it with openssl s_client, just make sure to use the -servername parameter.
And note that this only works on the unbranded servers..
It worked for me too, I just created a CNAME instead. After re-triggering AutoSSL, what's really neat is that the instructions everywhere now switch over to using the subdomain (
mail.example.com
). The only thing I'd like for @jarland to implement is a redirect fromhttps://mail.example.com
tohttps://mail.example.com:2096
and that's it -- a perfectly fantastic setup. I just bought a yearly BF offer, which was luckily still available (had a $5 plan earlier).Hope to make this process more clear and defined this weekend. Just released a new control panel theme that wasn't focused on design, but in simplifying process across the feature set. The white label part didn't make it out for first iteration, having some fun with angularjs before it's finalized.
Basically I just want to have a clear path to what to do, what to expect, and how to verify the status. There's a fairly small amount of work left to have that all streamlined.
Do webmail.yourdomain.tld and it won't require the :2096
Totally missed that, thanks!
How long do you think until you post the guide? I was going to do it now but if you plan on posting it within the next little while I'll just wait to make sure I do it properly.
Yes also looking forward to this and and also add a easy option to migrate users email accounts with their data to mxroute.
Have been looking how to do it for a while. Thanks!
interested as well, going to be following this thread...
I would additionally recommend this only be done on a setup that allows for dynamic DNS. Otherwise a changed IP on mxroute could easily result in a broken setup. If you run your own DNS you could have it track the mxroute server and update the A DNS entry if the mxroute servers IP ever changed.
That's exactly what CNAME records are for.
The short version is make CNAME records for mail and webmail subdomains pointing to the server hostname. Don't use cloudflare proxy or anything like that. Wait for autossl to run, if you're wondering how long that is just check it tomorrow. Status of certificates can be viewed in Custom SSL in panel. We won't offer insight or support on those errors right now, just not prepared for the volume so proceed at your own risk.
Mail = IMAP/POP/SMTP.
Webmail = Webmail would port 2096 needed
Hopefully by end of tomorrow I have documented the expectations and troubleshooting steps. That's really the key, letting people know what to expect and how to verify or fix. I'm also working on improving the UI around that, which is why it's taking a while.
Trying to make sure that what I do here doesn't increase ticket volume, I need to reverse the trend of customer to ticket ratio by simplifying the product and processes.
https://billing.mxroute.com/index.php?rp=/knowledgebase/47/How-to-use-custom-hostnames-for-SMTPorIMAPorPOP-and-Webmail.html
So is it recommended or not? Better to explicitly say that you're on your own if that's what you mean to convey ...
Neither recommended nor not recommended. It works, you'll get email, but when you do a DNS lookup chances are your custom hostname will be replaced by the software and display the server hostname anyway.
If you made it an A record to the server IP that wouldn't happen, but I can't guarantee that I won't change an IP without announcement.
@jarland when navigating to mail.mydomain.tld in a browser, there are entries for additional "addon/sub" domains used with mxroute. Is that expected? I don't necessarily want the different domains to be visibly associated in any way.
Thanks for writing up these highly anticipated instructions.
I'll work on covering that up next