Applicable to:
- Plesk for Linux
- Plesk for Windows
Question
- How to make Plesk, mail autodiscover and Cloudflare work correctly?
- How to set up Plesk, mail autodiscover and Cloudflare to work together for a domain?
- How to configure Plesk, mail autodiscover and Cloudflare to work together for a website?
Answer
Note: The end goal of this setup is to leave mail.example.com in the DNS Only status on the side of Cloudflare and set up mail autodiscover on the side of Plesk to use mail.example.com as the Incoming and Outgoing mail server to be autodiscovered by mail clients
Note: These setup steps are entirely manual and should be executed only while the DNS Integration for Cloudflare® extension is not installed or used on the Plesk server
1. A Wildcard Let's Encrypt SSL certificate (or a Wildcard SSL from a different SSL vendor) must be issued and installed for example.com and the hostname of the server (server.example.com) on the side of Plesk
Note: SSL certificates issued by Cloudflare do not have the ability to secure mail server connections on SMTP, POP3 and IMAP ports, due to which they cannot be used to secure email transactions.
2. The domain should be using the Wildcard SSL certificate issued on the side of Plesk for mail transactions (Go to Plesk > Domains > example.com > Mail > Mail Settings tab, select the SSL/TLS certificate for mail, and press Apply)
3. SSL/TLS mode in Cloudflare for the domain should be set to Full (Strict)
4. The mail autodiscovery settings on the side of Plesk should be adjusted to use mail.example.com instead of example.com for the autodiscovery process initiated by mail clients. This can be done by doing the following:
Click on a section to expand
For a single domain
4a. Log into Plesk
4b. Go to Domains > example.com > Hosting & DNS > DNS
4c. Locate the SRV records for the domain
4d. Adjust the Value of each of the three SRV records from example.com to mail.example.com and save the changes
4f. Go to cloudflare.com, enter the DNS zone editor for the domain and make the same adjustments for the SRV records of the domain, by changing the Content from example.com to mail.example.com and save the changes
For all domains on the Plesk server
Warning: The mail configuration adjustments below will change the autodiscover settings for all Plesk domains on the server. From that point forward the domains will use mail.example.com instead of example.com as an Incoming and Outgoing mail server during mail autodiscover configuration request actions within mail clients
4a. Log into your Plesk server via SSH or RDP
4b. Open the /usr/local/psa/admin/conf/panel.ini (or %plesk_dir%adminconfpanel.ini on a WIndows server) file for editing with your favorite command-line text editor
4c. Add the following lines to the bottom of the file:
[mail]
clientConfig.incomingServer="mail.<domain>"
clientConfig…