Webmail, Mailing Lists, and Security on DreamHost


#1

I’m shocked, frankly, that it’s been this many years and there still isn’t a solution for the problem of security for our webmail and mailing list servers on DreamHost. I see posts going back more than a decade about this problem. The lack of progress is stunning, really, considering how critical security is in this day and age, and how many bad actors there are in the world trying to get at our information.

The inability to provide proper, valid security certificates for our webmail.* and lists.* servers is incredibly disturbing. Yeah, they’re using the general DreamHost certificate, but browsers are all implementing increasingly scary warnings for this scenario because it’s so easily manipulated with ill intent.

Given the ease with which we’re able to add certificates from Let’s Encrypt and elsewhere to our sites now (thank you, DreamHost, for supporting Let’s Encrypt!), it should be close to trivial to offer the option to add the same certificate with a wildcard (supported by Let’s Encrypt since March 13, 2018), a specific set of subdomains (using SAN, also supported by LE), or a different certificate entirely, but with the correct domain information, to these mail service domains.

Certainly using a wildcard should make it pretty easy to set these things up; just let us choose whether or not we want a wildcard cert when obtaining a certificate, and then put it on all the subdomains from there out. Using SAN would take a little more setup work but would be nice in that it could be more specific about what subdomains would be covered. For my needs, though, a wildcard cert would be fine (I want all my domains and subdomains to be secured).

Please, please fix this, DreamHost! This madness has gone on long enough!

Eric Shepherd


#2

It is disappointing but then again DreamHost seems to not care about customer feedback there is so much here for years that would be easy to implement but they choose to not listen and implement.

Also looks like DreamHost lost their Community Manager who was doing better than past employees to elevate feedback.


#3

Emailed support and they said basically SSL is not coming for mailing lists or webmail they said its a huge undertaking and they have a small team.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.