Migrated from One server to Sunfire, should I change server names?

So we were on the One server which was recently upgraded to Sunfire. I have no problem with directadmin or getting everything squared away as per the “legacy server migrated to directadmin” directions. Though I would think of adding to your migration directions that if you had DKIM set up on Cpanel you will have to re-set it up for directadmin. That was also pretty easy to do once I figured out that it was no longer working. So now I am sitting here with everything working, but in checking to make sure mxroute had at least TLS 1.2 for incoming emails I came across this:

ssl : scheme=smtp cert=941128951*****
: identity=one-relay.mxroute.com cn=sunfire.mxrouting.net alt=2 sunfire.mxrouting.net
Cert Hostname DOES NOT VERIFY (one-relay.mxroute.com != sunfire.mxrouting.net | DNS:sunfire.mxrouting.net)
So email is encrypted but the host is not verified
cert not revoked by OCSP

So while I don’t completely comprehend exactly what is being reported here, it seems the fact that I have one server listed somewhere, probably in DNS as my mail provider, it is having a hard time with it being sunfire in reality. Should I update eveything to be listed as sunfire as opposed to one? What I don’t really want to happen is to trigger all my thunderbird installs to re-download everything as a new account just because I updated the server, that seems like a lot of data transfer for nothing. Everything seems to be working well for the most part, but I could imagine updating DNS or DNS and all my logins in thunderbird would probably streamline things a bit. Not sure what the best way for me to proceed is so I thought I would ask the pro’s. I guess my main goal would be to have as few errors as possible so everything is working as best it can.

Let me know your thoughts or if you need any more info.
Thanks,
Brett

Hmm. I thought it copied them over. Roger that, ty!

This is actually normal and should have always been true even before the migration. The “-relay” MX record is reserved for future build out, and should only be used if the primary is down. But you’ll note that they’re the same IP, so it shouldn’t be used at all right now. The goal of the backup MX record is to reserve the ability to add backup relays later. For the most part backup relays are not a big deal because MTAs have the job of retrying emails that can’t be delivered due to connection failures, which means that downtime does not result in lost inbound emails. However, I want room for unusual circumstances or a change in common behavior, and this way no one has to make any changes to facilitate movement in that direction.

You’re welcome to, but I’ve specifically configured this server to answer in every meaningful way to requests made to one.mxroute.com, ghost.mxroute.com, and sunfire.mxrouting.net. All three hostnames should provide identical results in every way that matters.

Jarland,

Thanks for the detailed and thorough answer. Given that everything is functioning as intended and that it all has been working well. I will just keep on going as I have been going. I appreciate your expertise and help with this.

Brett