docs: Improve setting-up.md (#261)

* Update setting-up.md

replacing hostname mx.example.org by example.org accordingly to the rest of the tutorial which doesn't refer to it (i.e. DNS configuration).

* readding MX1, with more detail

* adding A entry for mx1

* fixing ========

docs/tutorials/setting-up.md

@@ -9,7 +9,7 @@ For purposes of clarity, these values are used in this tutorial as examples,
 wherever you see them, you need to replace them with your actual values:
 
 - Domain: example.org
-- MX domain (hostname): mx.example.org
+- MX domain (hostname): mx1.example.org
 - IPv4 address: 10.2.3.4
 - IPv6 address: 2001:beef::1
 
@@ -54,9 +54,15 @@ Your options are:
 Open /etc/maddy/maddy.conf with vim^W your favorite editor and change
 the following lines to match your server name and domain you want to handle
 mail for.
+If you setup a very small mail server you can use example.org in both fields.
+However, to easier a future migration of service, it's recommended to use a
+separate DNS entry for that purpose. It's usually mx1.example.org, mx2, etc.
+You can of course use another subdomain, for instance: smtp1.example.org.
+An email failover server will become possible if you forward mx2.example.org
+to another server (as long as you configure it to handle your domain).
 
 ```
-$(hostname) = mx.example.org
+$(hostname) = mx1.example.org
 $(primary_domain) = example.org
 ```
 
@@ -75,9 +81,13 @@ paths in. You need to make sure maddy can read them while running as
 unprivileged user (maddy never runs as root, even during start-up), one way to
 do so is to use ACLs (replace with your actual paths):
 ```
-$ sudo setfacl -R -m u:maddy:rX /etc/ssl/example.org.crt /etc/ssl/example.org.key
+$ sudo setfacl -R -m u:maddy:rX /etc/ssl/mx1.example.org.crt /etc/ssl/mx1.example.org.key
 ```
 
+maddy reloads TLS certificates from disk once in a minute so it will notice
+renewal. It is possible to force reload via `systemctl reload maddy` (or just
+`killall -USR2 maddy`).
+
 ### Let's Encrypt and certbot
 
 If you use certbot to manage your certificates, you can simply symlink
@@ -89,9 +99,16 @@ You still need to make keys readable for maddy, though:
 $ sudo setfacl -R -m u:maddy:rX /etc/letsencrypt/{live,archive}
 ```
 
-maddy reloads TLS certificates from disk once in a minute so it will notice
-renewal. It is possible to force reload via `systemctl reload maddy` (or just
-`killall -USR2 maddy`).
+### ACME.sh
+
+If you use acme.sh to manage your certificates, you could simply run:
+
+```
+mkdir -p /etc/maddy/certs/mx1.example.org
+acme.sh --force --install-cert -d mx1.example.org \
+  --key-file       /etc/maddy/certs/mx1.example.org/privkey.pem  \
+  --fullchain-file /etc/maddy/certs/mx1.example.org/fullchain.pem
+```
 
 ## First run
 
@@ -112,8 +129,10 @@ own). Here is how your DNS zone should look like:
 example.org.   A     10.2.3.4
 example.org.   AAAA  2001:beef::1
 
-; It says that "server example.org is handling messages for example.org".
-example.org.   MX    10 example.org.
+; It says that "server mx1.example.org is handling messages for example.org".
+example.org.   MX    10 mx1.example.org.
+; Of course, mx1 should have an entry as well:
+mx1.example.org.   A     10.2.3.4
 
 ; Use SPF to say that the servers in "MX" above are allowed to send email
 ; for this domain, and nobody else.
@@ -144,13 +163,14 @@ at https://mta-sts.example.org/.well-known/mta-sts.txt:
 ```
 mode: enforce
 max_age: 604800
-mx: mx.example.org
+mx: mx1.example.org
 ```
 
-**Note**: mx.example.org in the file is your MX hostname, example.org in URL is
-the domain you are receiving messages for. In simple configurations, they are
-may be the same, but this is not the case for more complex setups.
-If you have multiple MX servers - add them all once per line, like that:
+**Note**: mx1.example.org in the file is your MX hostname, In a simple configuration,
+it will be the same as your hostname example.org.
+In a more complex setups, you would have multiple MX servers - add them all once
+per line, like that:
+
 ```
 mx: mx1.example.org
 mx: mx2.example.org