Secure Email on VPS

davidcc

12 years ago
Answered

Having just moved from shared hosting to VPS, I am finding that the instructions in cPanel for email client setup don't work smoothly and a similar answer does not exist in the forums or support. I want to use SSL.

cPanel suggests host name: xx6clone.inmotionhosting.com

And, using vps95xx.inmotionhosting.com results in Mac Mail client 'flagging' the validity of the certificate. Shouldn't the client smoothly 'accept' the certificate?

It took a few tries to find the configuration secureXX.inmotionhosting.com on the shared server a few years ago.

Incidentally, if my VPS site has an installed SSL certificate, is it possible to use the host name: mysite.com? I'd prefer mail coming from my host and not from xxxx.inmotionhosting.com. (Email reputation is at stake.)

Replies 1

Newest first
Newest first Oldest first

JacobIMH

12 years ago

Hello davidcc, and thank you for your question. When attempting a secure connection to your VPS over SSL in your email client, it's going to try to validate the server's hostname that you have typed in, with the hostname that the SSL certificate was created for. You receive a warning in your email client when using vps9xx.inmotionhosting.com, because this is a self signed SSL certificate. You can take a look at an article I wrote on self signed SSL certificate warning for a more in-depth explanation, but basically because the certificate hasn't gone through a Certificate Authority (CA) your mail client will prompt you to accept the certificate. It should be perfectly safe to do this, and store the certificate exception in your mail client. You could use the secureXX.inmotionhosting.com on the shared server, because this was a dedicated SSL certificate we had in place, so any users on that server would use that hostname in their mail client to bypass any SSL warnings when using a secure connection. You can use your dedicated SSL certificate for a specific hostname, in WHM on your server if you have root access, you can go to Manage Service SSL Certificates, and install a new certificate for Courier (POP3) Mail Server for receiving mail via POP3 , or Courier (IMAP) Mail Server for receiving mail via IMAP, and Exim (SMTP) Server for sending mail. For example if the hostname you used was example.com for your SSL certificate. All of your other domains would simply want to use that hostname as their mail server address, and then they wouldn't get an SSL warning. The SSL certificate however is completely different than your server's hostname, which is what would be seen in mail headers as the server relaying your mail. That requires updating the full hostname of your server, and also updating PTR records so that mail continues to function properly. If that was something you'd be interested in having setup, you can contact our support department at [email protected], and you'd need to include the domain name you'd like to use as the main hostname for the server, as well as the last 4 digits of the credit card on file, or the current AMP password for your account for verification. Please let us know if you have any further questions at all. - Jacob

Reply Link