I’m having issues setting up webmail for a web domain with dedicated IP.
After setting up everything with secondary dedicated IP, webserver works fine, so is mail, but webmail does not. When I visit URL webmail.example.com i get certificate error (certificate valid for example.com and www.example.com only, and roundcube is not listening correctly so instead of Roundcube, default web server opens.
I pointed webmail A record to primary IP adress and recreate mail domain and certificate as a workaround
How can I get roundcube listen to webmail.example.com when IP of the domain is different?
If needed I can setup an account or a server where the problem can be reproduced.
Thank you and best regards,
Hi Lupu. The issue is related.
I had no issues with mail subdomain (especially after workaround described here). Only with webmail subdomain.
The workaround is to revert webmail DNS A record to primary IP, reissue certificates for mail. and add both IP’s to domain’s SPF record like so:
"v=spf1 a mx ip4:0.0.0.1 ip4:0.0.0.2 -all"
I see this as roundcube web server problem, and not the letsencrypt problem.
Roundcube should handle and listen webmail.example.com even if IP addres is changed, and currently it is not.
This is important for me, because with dedicaded IP for domain (and mail server) I can set up rDNS and get much better antispam score.
Try adding the following line to $HESTIA/bin/v-add-sys-webmail at line 39
local_ip=$(get_object_value 'web' 'DOMAIN' "$domain" '$IP')
and then run
v-rebuild-mail-domain user domain.tld