[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
This bug was fixed in the package dovecot - 1:1.1.11-0ubuntu11 --- dovecot (1:1.1.11-0ubuntu11) karmic; urgency=low [Ante Karamatic] * debian/dovecot-postfix.postinst: - reduce smtpd_tls_mandatory_ciphers to medium (LP: #365390) * debian/dovecot-postfix.README.Debian: - introduction and features of dovecot-postfix * debian/rules: - install debian changelog in dovecot-postfix -- Chuck ShortWed, 14 Oct 2009 21:30:36 -0400 ** Changed in: dovecot (Ubuntu) Status: Confirmed => Fix Released -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
Unlike proposed patch, this one defines smtpd_tls_mandatory_ciphers. Reason for that is that dovecot-postfix supports installation on top of existing configuration. Since the idea of dovecot-postfix is to provide sane defaults, chosen by Ubuntu Server Team, we define all configuration options, even though many of them are same by default. That way we can 'fix' configurations with "smtpd_tls_mandatory_ciphers=low". True, we also break those with "smtpd_tls_mandatory_ciphers=high". With current implementation we can't make everybody happy :/ ** Attachment added: "dovecot-postfix.debdiff" http://launchpadlibrarian.net/33691248/dovecot-postfix.debdiff -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
Steve Kowalik wrote: > If this going to be fixed in Jaunty, it needs to be fixed in Karmic > first, and the debdiff corrected for a upload to jaunty-proposed. > Jonathon, are you willing to do this to get this fixed in Jaunty? It is fixed in Karmic. I'll prepare debdiffs for jaunty later today. -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
If this going to be fixed in Jaunty, it needs to be fixed in Karmic first, and the debdiff corrected for a upload to jaunty-proposed. Jonathon, are you willing to do this to get this fixed in Jaunty? -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
The problem is still present in Jaunty and the patch fixes it. Could you please release an updated deb in jaunty-updates? -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
@Mathias: That's fine. I was just following the example set by some other parameters in that same file, very close to the line being discussed, such as set_postfix_option "smtpd_tls_mandatory_protocols = SSLv3, TLSv1" and also set_postfix_option "tls_random_source = dev:/dev/urandom" which seem to me to be setting things to the same value as the default. I therefore thought there must be a reason for doing it this way, and so I carefully followed the example set by the creators of this script :) I think it would be good to be consistent about this, and *only* set things which are non-default, unless there really is a valid reason for doing otherwise? Attached is a new debdiff that just removes the one line for smtpd_tls_mandatory_ciphers. If you feel we should also remove the others that set things the same as the default, let me know :) BTW, I looked at doing this as a bzr branch, but was puzzled by the branch name being ubuntu-intrepid, so I just did a debdiff instead, rather than risk a mistake of using the wrong bzr branch! Jonathan ** Attachment added: "dovecot-lp365390.debdiff" http://launchpadlibrarian.net/26826590/dovecot-lp365390.debdiff ** Tags added: patch -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
Thanks for preparing a debdiff. Considering that the default value for smtpd_tls_mandatory_ciphers is medium it makes more sense to just remove the set_postfix_option "smtpd_tls_mandatory_ciphers = medium, high" line rather than replacing it with set_postfix_option "smtpd_tls_mandatory_ciphers = medium". -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
** Changed in: dovecot (Ubuntu) Status: In Progress => Confirmed -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
Debdiff attached. Note that this is hand edited to remove over 5MB of cruft generated because the dovecot build regenerates a lot of autotools files that are in the original source tarball and does not take care of replacing them in its clean target. But that's (I think!) a totally separate packaging bug. Jonathan ** Attachment added: "dovecot_1.1.11-0ubuntu5.debdiff" http://launchpadlibrarian.net/25872190/dovecot_1.1.11-0ubuntu5.debdiff -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
Fix created, will upload debdiff soon. ** Changed in: dovecot (Ubuntu) Status: Confirmed => In Progress -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
unable to set package name to dovecot-postfix ** Changed in: dovecot (Ubuntu) Status: Incomplete => Confirmed -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
bug only seen when dovecot-postfix is installed, not when installing just postfix. ** Package changed: postfix (Ubuntu) => dovecot (Ubuntu) -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365390] Re: postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf
I am unable to duplicate this here in a Jaunty (rc) virtual machine. The default /etc/postfix/main.cf file does not seem to contain an entry for smtpd_tls_mandatory_ciphers when I install postfix. I also unpacked the postfix 2.5.5-1.1 source package and do not see any obvious sign of this in there. Please provide full details on exactly how you installed postfix, and if you were asked any configurations questions by debconf when installing, how you answered them. I suspect that the problem here may lie in another package, not postfix itself? In particular, did you install the dovecot-postfix package? Jonathan ** Changed in: postfix (Ubuntu) Status: New => Incomplete -- postfix: invalid value for smtpd_tls_mandatory_ciphers in main.cf https://bugs.launchpad.net/bugs/365390 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs