I am starting to get the error “TLS Negotiation failed, the certificate doesn’t match the host.” when trying to send from Gmail/GSuite. It appears this is a widespread issue that Google created (https://support.google.com/mail/thread/38336515), but I was wondering if there is some nuance to the MXroute server setup that could be triggering this?
Apparently after Google’s recent change in the way they handle TLS certificates, you have to set the SMTP host as lisa.mxrouting.net (or your particular mxrouting.net server) instead of mail.mydomain.com (which historically has worked due to DNS CNAME)
Really, they don’t accept certs for CNAME’s? (URL?)
Good to know! Also quite odd. My guess is it’s something to do with SNI handling.