Ubuntu
postfix package

Bug #1868955
Comment #0

Comment 0 for bug 1868955

Revision history for this message

Jan Büren (kivijan) wrote on 2020-03-25: after upgrade to 20.04: posttls cannot connect to private/tlsmgr

My postfix configuration uses dane-only policies for some domains.
After upgrading from LTS 18.04 to the current developing LTS 20.04 this stopped working.

Compare the following commands:

Ubuntu 18.04:

$ posttls-finger -t30 -T180 -c -L verbose,summary bueren.space

posttls-finger: initializing the client-side TLS engine
posttls-finger: using DANE RR: _25._tcp.www.bueren.space IN TLSA 3 0 1 D7:BC:71:07:19:28:E7:97:F9:86:52:02:EB:90:99:4B:B1:DB:EE:8D:FF:B5:D5:6D:15:B2:D8:AC:25:99:AA:5F
posttls-finger: setting up TLS connection to www.bueren.space[31.15.68.4]:25

Ubuntu 20.04:

$ posttls-finger -t30 -T180 -c -L verbose,summary bueren.space

posttls-finger: initializing the client-side TLS engine
posttls-finger: warning: connect to private/tlsmgr: No such file or directory
posttls-finger: warning: connect to private/tlsmgr: No such file or directory
posttls-finger: warning: problem talking to server private/tlsmgr: No such file or directory
posttls-finger: warning: no entropy for TLS key generation: disabling TLS support

Sending email to this domains stopped working with the following (obviously wrong) error message in mail.log:

to=<email address hidden>, relay=none, delay=2126, delays=2126/0.01/0/0, dsn=4.7.5, status=deferred (non DNSSEC destination)

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: postfix 3.4.10-1
ProcVersionSignature: Ubuntu 5.4.0-18.22-generic 5.4.24
Uname: Linux 5.4.0-18-generic x86_64
ApportVersion: 2.20.11-0ubuntu21
Architecture: amd64
Date: Wed Mar 25 11:22:11 2020
EtcMailname: mail.kivitendo.de
Hostname: www.kivitendo.de
InstallationDate: Installed on 2016-12-14 (1196 days ago)
InstallationMedia: Ubuntu-Server 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.3)
PostconfMydomain: kivitendo-erp.de
PostconfMyhostname: www.kivitendo-erp.de
PostconfMyorigin: /etc/mailname
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=de_DE.UTF-8
SHELL=/bin/bash
ResolvConf:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
nameserver 127.0.0.1
search kivitendo-erp.de
SourcePackage: postfix
UpgradeStatus: Upgraded to focal on 2020-03-02 (23 days ago)

My postfix configuration uses dane-only policies for some domains.
After upgrading from LTS 18.04 to the current developing LTS 20.04 this stopped working.

Compare the following commands:

Ubuntu 18.04:

$ posttls-finger -t30 -T180 -c -L verbose,summary bueren.space

Ubuntu 20.04:

$ posttls-finger -t30 -T180 -c -L verbose,summary bueren.space

Sending email to this domains stopped working with the following (obviously wrong) error message in mail.log:

to=<xxx@bueren.space>, relay=none, delay=2126, delays=2126/0.01/0/0, dsn=4.7.5, status=deferred (non DNSSEC destination)

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: postfix 3.4.10-1
ProcVersionSignature: Ubuntu 5.4.0-18.22-generic 5.4.24
Uname: Linux 5.4.0-18-generic x86_64
ApportVersion: 2.20.11-0ubuntu21
Architecture: amd64
Date: Wed Mar 25 11:22:11 2020
EtcMailname: mail.kivitendo.de
Hostname: www.kivitendo.de
InstallationDate: Installed on 2016-12-14 (1196 days ago)
InstallationMedia: Ubuntu-Server 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.3)
PostconfMydomain: kivitendo-erp.de
PostconfMyhostname: www.kivitendo-erp.de
PostconfMyorigin: /etc/mailname
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 LANG=de_DE.UTF-8
 SHELL=/bin/bash
ResolvConf:
 # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
 #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
 nameserver 127.0.0.1
 nameserver 127.0.0.1
 search kivitendo-erp.de
SourcePackage: postfix
UpgradeStatus: Upgraded to focal on 2020-03-02 (23 days ago)

Ubuntupostfix package

Comment 0 for bug 1868955

Ubuntu
postfix package