Problem Description
- You use a mail application like Apple Mail, Thunderbird or Outlook to retrieve your email from our servers.
- You can no longer access your email using that app and it will either simply not receive new messages and/or it will provide you with an error like:
- cannot verify server identity
- unable to connect to server
- The identity of “mail.<my_domain>” cannot be verified.
- The certificate for this server is invalid.
- Your mail application is configured to use mail.<yourdomain.com> or just <yourdomain.com> for incoming (IMAP) and/or outgoing (SMTP) connections
Sometimes when we update the SSL certificate we use to secure our mail services (necessary for security - more details here) it can cause mail apps to stop wanting to connect, even though it shouldn't.
This can even occur after a weeks or months long gap between when we change our SSL certificate and when your mail app stops connecting; This is because the expiry date can match up with an annual 'recheck' from when you last accepted the certificate mismatch. If the mail app were more user friendly, rather than simply providing an error, it would be presenting you with the new certificate and asking if it's OK to accept it manually again.
Problem Resolution
There are two ways to resolve this:
- In your mail app settings, change the server name for both incoming and outgoing mail from mail.<yourdomain.com> to the server's hostname, or
- Activate an SSL certificate for mail services and use <yourdomain.com>. Note: this can only be done if your website is hosted with us. If your website is hosted using a 3rd party service, you can only do option (1).
To complete either of these changes, you'll need to first identify the location in your mail app where both the incoming (IMAP) and outgoing (SMTP) mail configurations are specified, find the server hostname, server name, or host name fields, and change them to new values as described below.
Use Server Hostname
Change the server information from mail.<yourdomain.com> to the server hostname. If you need to find your server hostname, you can learn how to do this under the "Things you will need" section from our mail configuration reference article.
Here's a couple examples of server hostnames: cilantro.websavers.ca, basil.websavers.ca, but please ensure you look up the correct one to use using the reference article above.
Generate an SSL Certificate for Mail on your own Domain
Reminder: This can only be done if your website is hosted with us and not a third party provider as the SSL certificate installation process creates a web accessible file to validate your domain
Follow our guide to install a free Let's Encrypt certificate. When you get to step 7, be sure to check the box entitled: "Assign the certificate to the mail domain". If you already have a Let's Encrypt certificate, instead of the "Get it free" button, look for "Reissue Certificate" instead then follow the same steps.
Now change the server information in your mail app from mail.<yourdomain.com> to just <yourdomain.com> (as in remove the 'mail.' from the start) for both incoming and outgoing settings.
You may need to restart your mail app for the changes to take effect.
Note: in the future, Plesk will install the SSL certificate to work with mail.<yourdomain.com> as well, but this addition is still in progress.
Troubleshooting
Don't forget to check your spelling.
It's very common that your mail app gets 'stuck' trying to connect using the old configuration, so once you have changed the mail configuration for both Incoming/IMAP and Outgoing/SMTP, if it's still not working, try rebooting your device to force the changes to take effect.
Sometimes your mail app account config can become corrupt. Therefore, if the above steps do not resolve the problem, it's recommended to remove the account from your device and re-add it anew. When re-adding the account be absolutely sure to follow the matching guide for your mail app or use the settings described in our mail settings reference article.