assume a dns cname record mail.<domain>, pointing to the hostname of the mail server, for clients to connect to

the autoconfig/autodiscover endpoints, and the printed client settings (in
quickstart, in the admin interface) now all point to the cname record (called
"client settings domain"). it is configurable per domain, and set to
"mail.<domain>" by default. for existing mox installs, the domain can be added
by editing the config file.

this makes it easier for a domain to migrate to another server in the future.
client settings don't have to be updated, the cname can just be changed.
before, the hostname of the mail server was configured in email clients.
migrating away would require changing settings in all clients.

if a client settings domain is configured, a TLS certificate for the name will
be requested through ACME, or must be configured manually.
Mechiel Lukkien
2023-12-24 11:01:16 +01:00
parent e7478ed6ac
commit da3ed38a5c
8 changed files with 80 additions and 9 deletions


@ -279,6 +279,10 @@ func (c *Config) allowACMEHosts(log mlog.Log, checkACMEHosts bool) {
hostnames[d] = struct{}{}
}
}
if dom.ClientSettingsDomain != "" {
hostnames[dom.ClientSettingsDNSDomain] = struct{}{}
}
}
if l.WebserverHTTPS.Enabled {
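Review bot: The guard `if dom.ClientSettingsDomain != ""` in allowACMEHosts tests the raw config string but adds the parsed `dom.ClientSettingsDNSDomain` to the ACME hostname allowlist, so it is only correct if the parse in prepareDynamicConfig (second hunk) succeeded. In that hunk a `dns.ParseDomain` failure is reported through `addErrorf`, yet execution still reaches `domain.ClientSettingsDNSDomain = csd` and stores whatever value came back with the error. Presumably a config that collected errors is never applied, but nothing visible here shows that, so I would assign only on success, e.g. `} else { domain.ClientSettingsDNSDomain = csd }`. A one-line comment at the guard would also help, such as `// ClientSettingsDNSDomain is set by prepareDynamicConfig when ClientSettingsDomain is non-empty.` Both functions start and end outside the hunks, so the surrounding loops were not reviewed.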
@ -1086,6 +1090,14 @@ func prepareDynamicConfig(ctx context.Context, log mlog.Log, dynamicPath string,
domain.Domain = dnsdomain
if domain.ClientSettingsDomain != "" {
csd, err := dns.ParseDomain(domain.ClientSettingsDomain)
if err != nil {
addErrorf("bad client settings domain %q: %s", domain.ClientSettingsDomain, err)
}
domain.ClientSettingsDNSDomain = csd
}
for _, sign := range domain.DKIM.Sign {
if _, ok := domain.DKIM.Selectors[sign]; !ok {
addErrorf("selector %s for signing is missing in domain %s", sign, d)