You can use certbot on your mailserver using the standalone option, if port 80 is open (it will spin up it's own challenge response service on port 80), alternatively use a DNS validation option.
You can use certbot on your mailserver using the standalone option, if port 80 is open (it will spin up it's own challenge response service on port 80), alternatively use a DNS validation option.