Public bug reported: My postfix configuration uses dane-only policies for some domains. After upgrading from LTS 18.04 to the current developing LTS 20.04 this stopped working.
Compare the following commands: Ubuntu 18.04: $ posttls-finger -t30 -T180 -c -L verbose,summary bueren.space posttls-finger: initializing the client-side TLS engine posttls-finger: using DANE RR: _25._tcp.www.bueren.space IN TLSA 3 0 1 D7:BC:71:07:19:28:E7:97:F9:86:52:02:EB:90:99:4B:B1:DB:EE:8D:FF:B5:D5:6D:15:B2:D8:AC:25:99:AA:5F posttls-finger: setting up TLS connection to www.bueren.space[31.15.68.4]:25 Ubuntu 20.04: $ posttls-finger -t30 -T180 -c -L verbose,summary bueren.space posttls-finger: initializing the client-side TLS engine posttls-finger: warning: connect to private/tlsmgr: No such file or directory posttls-finger: warning: connect to private/tlsmgr: No such file or directory posttls-finger: warning: problem talking to server private/tlsmgr: No such file or directory posttls-finger: warning: no entropy for TLS key generation: disabling TLS support Sending email to this domains stopped working with the following (obviously wrong) error message in mail.log: to=<xxx@bueren.space>, relay=none, delay=2126, delays=2126/0.01/0/0, dsn=4.7.5, status=deferred (non DNSSEC destination) ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: postfix 3.4.10-1 ProcVersionSignature: Ubuntu 5.4.0-18.22-generic 5.4.24 Uname: Linux 5.4.0-18-generic x86_64 ApportVersion: 2.20.11-0ubuntu21 Architecture: amd64 Date: Wed Mar 25 11:22:11 2020 EtcMailname: mail.kivitendo.de Hostname: www.kivitendo.de InstallationDate: Installed on 2016-12-14 (1196 days ago) InstallationMedia: Ubuntu-Server 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.3) PostconfMydomain: kivitendo-erp.de PostconfMyhostname: www.kivitendo-erp.de PostconfMyorigin: /etc/mailname ProcEnviron: TERM=xterm-256color PATH=(custom, no user) LANG=de_DE.UTF-8 SHELL=/bin/bash ResolvConf: # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 127.0.0.1 nameserver 127.0.0.1 search kivitendo-erp.de SourcePackage: postfix UpgradeStatus: Upgraded to focal on 2020-03-02 (23 days ago) ** Affects: postfix (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1868955 Title: after upgrade to 20.04: posttls cannot connect to private/tlsmgr To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1868955/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs