Back to using C-panel. It's not feasible this way. My customers are not tech savvy enough to change their mail settings from mail.domain.tld to another domain because Plesk is still lacking this feature.

+1, most mail applications fill in mail.domain.com automatically when users provide their email-address. Because Plesk doesn't have an autodiscover feature either, it's confusing for many (not so tech-savvy) clients.

Yes please add this feature! C-Panel has it already. I have been trialing Plesk for a few weeks now, however without this feature I don't think I can migrate over from C-Panel which is frustrating as I like the Wordpress features in Plesk.

You could at least do it for dedicated ip's that an subscription hast it's own hostname answering with the right cert. on SMTP '/ IMAP/POP.

This should be possible by setting up postfix (master.cnf) like

::1:smtp inet n - - - - smtpd
127.0.0.1:smtp inet n - - - - smtpd
1.1.1.2:smtp inet n - - - - smtpd -o smtp_helo_name=domain2.tld -o myhostname=domain2.tld -o smtpd_tls_key_file= /usr/local/psa/var/modules/letsencrypt/etc/live/domaind2.tld/privkey.pem -o smtpd_tls_cert_file=/usr/local/psa/var/modules/letsencrypt/etc/live/domaind2.tld/fullchain.pem
1.1.1.1:smtp inet n - - - - smtpd -o smtp_helo_name=privat.tld -o myhostname=privat.tld -o smtpd_tls_key_file=/usr/local/psa/var/modules/letsencrypt/etc/live/privat.tld/privkey.pem -o smtpd_tls_cert_file=/usr/local/psa/var/modules/letsencrypt/etc/live/privat.tld/fullchain.pem
2a03:4000:x:y::1:smtp inet n - - - - smtpd -o smtp_helo_name=privat.tld -o myhostname=privat.tld -o smtpd_tls_key_file=/usr/local/psa/var/modules/letsencrypt/etc/live/privat.tld/privkey.pem -o smtpd_tls_cert_file=/usr/local/psa/var/modules/letsencrypt/etc/live/privat.tld/fullchain.pem
2a03:4000:x:y::2:smtp inet n - - - - smtpd -o smtp_helo_name=domain2.tld -o myhostname=domain2.tld -o ssmtpd_tls_key_file=/usr/local/psa/var/modules/letsencrypt/etc/live/domaind2.tld/privkey.pem -o smtpd_tls_cert_file=/usr/local/psa/var/modules/letsencrypt/etc/live/domaind2.tld/fullchain.pem

(as seen on https://www.mingblock.de/2018/04/plesk-onyx-und-der-mailserver/ -thx to Redhell)

due to DNS flexibility you should coincider geneating an cert for the record mail.DOMAIN.TLD

That way we have more flexibillity!

This feature is absolutely necessary. Please consider this as a priority.

iam also vote

@Daniel Hahn... I think this is not what the admins here are looking for. We are hoping for a multi certificate support. We want to give IMAP/POP/SMTP server names to our customers like e.g.:

mail.customer1.com
mail.customer2.com
mail.customer3.com

But this is not possible at the moment. We always have to give the Plesk server name to them, e.g.

my.ugly-isp-name-for-this-plesk-server.com

We also have the same problem for the Plesk backend login right now (but this is a different thread):

https://my.ugly-isp-name-for-this-plesk-server.com:8443/

I can say a lot of my customers need some extra attention because of this unsolved problem (not even talking about resellers).

And when my customers are moving to a new Plesk server we have a lot of work to change all client-side settings (mail software, ...).

@Michael Cron just called a script...
More you will find at: https://github.com/Powie/plesk_mailcert

@Daniel Hahn... Can you explain more in detail about your "single cron job" that solves that problem for you using Postfix MTA in Plesk? I think also the other admins would love to hear about that solution.

There are no plans to implement SNI in the Postfix SMTP server. cfr. http://www.postfix.org/TLS_README.html

would help me to remove one cron job ;-)
and should be state of the art

ensure mail with certificate would have to be resolved by Plesk either with Lets Encrypt or with any other provider from the Panel itself as users claim for years and automate mail autoresponders for the start and end , and be able to send backup copies to Google Drive, Onedrive in an easy way, although I believe that the latter has already been implemented.

Definitly, definitly needed in 2018.
Middle age of unsecured comunications ended last year :-)

Everyone would benefit greatly from it even if they don't know because it looks much more professional towards all your customers. I am absolutely surprised that this feature does not exist already and my only dissapointment for plesk so far

Yes, it is a vital demand for plesk ! Thank you

While this would be a great feature, my understanding is that postfix is incapable of serving certs on multiple hosted domains. Admin: is this incorrect? Would the implementation of this require a migration from postfix to something else?

No fraud attempt, this is the real deal and most of our clients are asking.

I like to reaffirm the aspect of migrating mail domains: Providers and Users should be free in choosing the mail server name and shouldn´t be forced to change mail client configuration. Otherwise it would cause unnecessary trouble and effort, multiplied by every single mail account in a domain.
I also like to give another important aspect. Plesk Servers give you the ability to run a mail-only server and it is an important factor for security and reliability when separating mail and web servers for customers. But today, the ACME process to activate a LE certificate depends on activated web service on a domain, because the LE API checks the MX record of the domain and tries to request a file from the domain via http. In my opinion, latter check is absolutely unnecessary for securing mail transport encryption. Everything the Certificate Authority needs to know wether the DNS authority acknowledges on which IP the mail service is running - and nothing more. Then the Plesk admin don´t have to bring in unnecessary effort for configuring the web service on every domain and loose server´s performance ressources only to provide http request of only one file, when the certificate installation or renew is running. Think about separating the certificate service from the webhosting section!

Hi IB,

Even though I'm not the OP, I would assume that it's somewhat implemented already in current Plesk editions. Another point, which I'm not sure if it's the OP's point of view, would be the SNI part which currently the mail servers (postfix/dovecot/mailenable) are lacking.

Good explanation of Anonymous! Thats exactly why we need this feature asap. Plesk has it since years.