Re: postfix for 2 domains on 1 vps 1 ip

[Zach Hopkins <hopkinsza%gmail.com@localhost>]

Multiple domains and certs with 1 http(s) server is straightforward.

As for postfix, many sources I saw said this wasn't possible without
having 2 IP addresses.
However, you can use an SNI map in postfix >3.4.0 -- see:
https://serverfault.com/questions/920436/set-up-certs-for-multiple-domains-in-postfix-and-dovecot

And the official documentation:
http://www.postfix.org/postconf.5.html#tls_server_sni_maps


Specifically, something like this should do:

main.cf
    # SNI map - make sure to compile with `postmap -F ...'
    tls_server_sni_maps = hash:/etc/postfix/sni

/etc/postfix/sni
    test1.example.com /some/path/test1.pem
    test2.example.com /some/path/test2.pem


I haven't tried this myself, so any input from those with experience
is welcome.

On Fri, Jan 1, 2021 at 8:46 AM Mayuresh <mayuresh%acm.org@localhost> wrote:
>
> I am faced with a requirement to merge the mail servers running on 2 VPSes
> into 1, with a single ip address on NetBSD 9.1 amd64.
>
> I searched around, mainly tls certificate of both domains being different
> looks a bit gray to me. Some posts say it is possible, while some cite
> issues with it.
>
> I can get into experimenting, but thought of getting a word of advice on
> the overall idea, feasibility, alternatives etc.
>
> If performance isn't critical, purely from networking point of view, would
> it be possible to run one of the domains in a VM so that both postfix
> instances can be watertight.
>
> Alternatively if getting 2 ip addresses is considered as an option would
> it ease anything?
>
> [Similar question would arise for http, but as of now one domain uses http
> and the other uses https, so that should be manageable.]
>
> --
> Mayuresh