Make sure they are using SPF SRS, or you will lose any mail from a sender that has -all in their SPF record.
(If you forward to gmail, google will let you know that they don't with occasional red icons where the contact profile picture should be)
2 Likes
Looks like they've got it covered.. thanks for the pointer!
1 Like
Well, snap did make it easy to completely remove the certbot installation... 
I decided to abandon certbot and obsolete plugins with no migration guidance. acme.sh turned out to be far superior. They also support many more DNS providers.
I ended up using their DNS alias mode to centralize multi-domain certificate management on a single DigitalOcean api key (namecheap presented several limitations).
Note that acme.sh changed their default provider to ZeroSSL, but they still support LetsEncrypt.
Thanks all!
3 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.