Hi all, recently we were working on this bug: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1885403.
For summarizing, when running posttls-finger, it attempts to connect through private/tlsmgr, and unless the program is being run from /var/spool/postfix, this fails and posttls-finger disables TLS in the subsequent connection that it makes to the specified SMTP server: root@impish-squid-postfix::/home/ubuntu# posttls-finger mx.dmz.tait.net.nz posttls-finger: warning: connect to private/tlsmgr: No such file or directory posttls-finger: warning: connect to private/tlsmgr: No such file or directory posttls-finger: warning: problem talking to server private/tlsmgr: No such file or directory posttls-finger: warning: no entropy for TLS key generation: disabling TLS support posttls-finger: Connected to mx.dmz.tait.net.nz[114.23.142.178]:25 posttls-finger: < 220 mx.tait.net.nz ESMTP Postfix (Ubuntu) posttls-finger: > EHLO impish-squid-postfix.lxd posttls-finger: < 250-mx.tait.net.nz posttls-finger: < 250-PIPELINING posttls-finger: < 250-SIZE 20480000 posttls-finger: < 250-STARTTLS posttls-finger: < 250-ENHANCEDSTATUSCODES posttls-finger: < 250-8BITMIME posttls-finger: < 250-SMTPUTF8 posttls-finger: < 250 CHUNKING posttls-finger: > QUIT posttls-finger: < 221 2.0.0 Bye After some researching (that you can see in the link above), we discover that if we remove the -BSymbolic-functions from LDFLAGS when building, the problem goes away. After this, we think that something with the exposure/rellocation of the folder for the servicename on the shared library can be the origin of this behaviour. Please, could you take a look at this? In the meantime, we do the building without the flag starting from the earlier affected version in Ubuntu (3.4.10) to the latest we're handling (3.5.6) on Impish series. Postfinger output can be found here: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1885403/+attachment/5523252/+files/postfinger-output-3.5.6-Ubuntu_Impish.txt . Thanks in advance and thank you for your time reading this! ---- Miriam EspaƱa Acebal Software Engineer, Ubuntu Sever Team Canonical Ltd.
