Public bug reported: Postfix 2.9.6-1~12.04.1 on Ubuntu 12.04.4 LTS
I did apt-get upgrade to the host in question and found out that /etc/postfix/main.cf was silently changed (I was not asked to validateverify changes) (/var/log/apt/term.log) Setting up mail-stack-delivery (1:2.0.19-0ubuntu2.1) ...^M Mail stack delivery changes some postfix settings.^M Old values are stored in /var/backups/mail-stack-delivery/main.cf-backup.^M Feel free to revert any of them when the process is done.^M Configuring postfix for mail-stack-delivery integration: .................... done.^M Change summary: 1. It decided to change my tls files to default values smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem 2. It deleted entries in smtpd_recipient_restrictions diff /etc/postfix/main.cf /tmp/main.cf 45c45,56 < smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination --- > smtpd_recipient_restrictions = > reject_non_fqdn_recipient, > permit_mynetworks, > permit_sasl_authenticated, > check_client_access hash:/etc/postfix/access, > check_helo_access hash:/etc/postfix/access, > check_sender_access hash:/etc/postfix/access, > reject_unknown_recipient_domain, > reject_unauth_destination, > reject_rbl_client sbl-xbl.spamhaus.org, > check_sender_mx_access cidr:/etc/postfix/bogus_mx, > permit 118,123d128 < smtpd_sasl_authenticated_header = yes < smtpd_sasl_local_domain = $myhostname < smtpd_sender_restrictions = reject_unknown_sender_domain < mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}" < smtpd_tls_mandatory_protocols = SSLv3, TLSv1 < smtpd_tls_mandatory_ciphers = medium and changed the command used by postfix to pass emails to dovecot. Note that before I had a command similar to the mailbox_comand but in /etc/postfix/main.cf, flags=DRhu user=virtual:virtual argv=/usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-dovecot-postfix.conf -f ${sender} -d ${recipient} Which was then rewritten as flags=DRhu user=virtual:virtual argv=/usr/lib/dovecot/dovecot-lda -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -f ${sender} -d ${recipient} as dovecot-lda replaces deliver for dovecot 2.X. Incidentally, deliver is now an alias to dovecot-lda, ls -lh /usr/lib/dovecot/deliver lrwxrwxrwx 1 root root 11 May 14 14:24 /usr/lib/dovecot/deliver -> dovecot-lda probably as a stopgap until people change their configs. 3. There are a few more additions done to main.cf but they do not seem to be bad, so I am going to brush over them. So, why was the file changed without warning? Were some of the options I used -- reject_rbl_client comes to mind -- deprecated? Still that does not warrant a silent change. ** Affects: postfix (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1323704 Title: main.cf silently modified during postfix 2.9.1-4 upgrade on 12.04LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1323704/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs