Manage multiple domains

You can host an email server and manage multiple domain names.

However, you should organize how you set this up.

Below are a few notes on how to achieve this.

smtpd

I suggest creating a file containing every hosted domain, one per line. Let's call it "/etc/mail/domains":

athome.tld
domain.tld
other.bar

Then, in "/etc/mail/smtpd.conf", you can write one line that covers all of these domains:

table domains "/etc/mail/domains"
...
match from any for domain <domains> action virtual_maildir

Pay attention to which TLS certificates are used. If you have a certificate for each domain, you can specify each of them in smtpd.conf. Make sure you have a default certificate at the end ("*").

pki athome.tld key "/etc/ssl/private/athome.tld.key"
pki athome.tld cert "/etc/ssl/athome.tld.crt"
pki domain.tld key "/etc/ssl/private/domain.tld.key"
pki domain.tld cert "/etc/ssl/domain.tld.crt"
pki other.bar key "/etc/ssl/private/other.bar.key"
pki other.bar cert "/etc/ssl/other.bar.crt"
pki "*" key "/etc/ssl/private/athome.tld.key"
pki "*" cert "/etc/ssl/athome.tld.crt"
...
listen on all tls
...
listen on all port submission tls-require auth <passwd>

HOWEVER, you can instead use a single certificate that matches multiple domains. To do so, use "alternative names" in the acme-client configuration. It is absolutely valid and much easier to manage. If so, configure smtpd as if there were only one certificate.

dovecot

Dovecot needs some care to handle a certificate for each domain. Add "local_name" sections to its configuration so it looks like this:

ssl = yes
ssl_cert = </etc/ssl/athome.tld.crt
ssl_key = </etc/ssl/private/athome.tld.key
# no plaintext
disable_plaintext_auth = yes
local_name domain.tld {
        ssl_cert = </etc/ssl/domain.tld.crt
        ssl_key = </etc/ssl/private/domain.tld.key
}
local_name other.bar {
        ssl_cert = </etc/ssl/other.bar.crt
        ssl_key = </etc/ssl/private/other.bar.key
}

Here too, a single certificate for multiple domains is much easier to set up.
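
With a single certificate shared by smtpd and dovecot, a domain added to "/etc/mail/domains" but missing from the certificate's alternative names only shows up as TLS name-mismatch errors in clients. The script below is an added example, not part of the original page: it lists the hosted domains that the certificate does not cover. The function names and the script name "check-san.sh" are hypothetical, and it assumes exact name matches (wildcard entries are not expanded).

```shell
#!/bin/sh
# Added example (not from the original page): check that one certificate
# covers every domain hosted by smtpd and dovecot.
# Function names and the usage line are hypothetical.

# san_names: read "openssl x509 -text" output on stdin and print the
# DNS subjectAltName entries, one per line.
san_names() {
    tr ',' '\n' | sed -n 's/^[[:space:]]*DNS:\([^[:space:]]*\).*$/\1/p'
}

# cert_sans CERT: DNS names found in the certificate file CERT.
cert_sans() {
    openssl x509 -in "$1" -noout -text | san_names
}

# missing_domains DOMAINS_FILE: read SAN names on stdin and print each
# hosted domain with no exactly matching SAN (case-insensitive).
# Blank lines and "#" comments in DOMAINS_FILE are skipped; wildcard
# SAN entries are not expanded.
missing_domains() {
    sans=$(tr '[:upper:]' '[:lower:]')
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' "$1" |
        tr '[:upper:]' '[:lower:]' |
        while read -r d; do
            printf '%s\n' "$sans" | grep -qxF -- "$d" || printf '%s\n' "$d"
        done
}

# Usage: sh check-san.sh /etc/ssl/athome.tld.crt /etc/mail/domains
if [ "$#" -eq 2 ]; then
    missing=$(cert_sans "$1" | missing_domains "$2")
    if [ -n "$missing" ]; then
        echo "domains not covered by $1:" >&2
        echo "$missing" >&2
        exit 1
    fi
    echo "all hosted domains are covered by $1"
fi
```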