Public bug reported: Binary package hint: dovecot-postfix
After dovecot-postfix was automatically upgraded this morning (http://www.ubuntu.com/usn/usn-1059-1) the config in /etc/postfix/main.cf was changed. Replacing my certificates with invalid ones. Discovered it by Thunderbird complaining about an invalid certificate when try to send mail via the smtp-server. Changes made by automatic upgrade: diff --git a/postfix/main.cf b/postfix/main.cf index ee075a3..b6c0119 100644 --- a/postfix/main.cf +++ b/postfix/main.cf @@ -57,10 +57,15 @@ smtpd_tls_security_level = may smtpd_tls_auth_only = yes smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes -smtpd_tls_cert_file = /etc/ssl/certs/xxxxx.crt -smtpd_tls_key_file = /etc/ssl/private/xxxxx.key +smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem +smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_tls_security_level = may smtp_tls_CAfile = /etc/ssl/certs/netsend_nl_chain.crt smtp_tls_note_starttls_offer = yes +home_mailbox = Maildir/ +smtpd_sasl_authenticated_header = yes +smtpd_sasl_security_options = noanonymous +smtpd_use_tls = yes +smtp_use_tls = yes Errors in /var/log/mail.log: Feb 8 09:25:27 lock postfix/smtpd[10607]: connect from xxxxx.versatel.nl[xx.xx.xx.xx] Feb 8 09:25:27 lock postfix/smtpd[10607]: setting up TLS connection from xxxxx.versatel.nl[xx.xx.xx.xx] Feb 8 09:25:27 lock postfix/smtpd[10607]: SSL_accept error from xxxxx.versatel.nl[xx.xx.xx.xx]: 0 Feb 8 09:25:27 lock postfix/smtpd[10607]: warning: TLS library problem: 10607:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1093:SSL alert number 48: Feb 8 09:25:27 lock postfix/smtpd[10607]: lost connection after CONNECT from xxxxx.versatel.nl[xx.xx.xx.xx] Feb 8 09:25:27 lock postfix/smtpd[10607]: disconnect from xxxxx.versatel.nl[xx.xx.xx.xx] ** Affects: dovecot (Ubuntu) Importance: Undecided Status: New ** Tags: certificate dovecot main.cf postfix -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. https://bugs.launchpad.net/bugs/715056 Title: invalid ssl-certificates in /etc/postfix/main.cf after security upgrade -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
