[nubinetwork]

And what if I want to run DNS and http on separate servers than my mail server?

[wolrah]

DNS-01 validation has nothing to do with where your DNS is hosted, all it takes is being able to create a DNS record to prove control over the zone.

[neoCrimeLabs]

The same thing everyone else does. Build automation, use configuration management, use cert manager or other similar solutions.

[neoCrimeLabs]

Update: Had less time to post than I realized, hence the terse reply.

Meant to say those solutions are in addition to Lets Encrypt. An X509 certificate is an X509 certificate, regardless if its for https, imaps, or smtps. If you're distributing your stuff across multiple hosts or containers, then it makes sense to use some sort of automation, configuration management, or certificate management/distribution system.