DNS Authorisation for Let's Encrypt
The problems with mail/webmail/lists subdomains could be obsolete, because a acmechallenge.lists.domain.tld txt record could be challenged.
So no problems with webroots etc.
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.