Dovecot.conf and letsencrypt again

Hi,

yesterday I’ve got similar errors like in:

During automatic letsencrypt update by virtualmin (Debian 10 buster) some domain entries in
dovecot.conf got scrambled like eggs:

As multiple closing brackets were missing, dovecot didn’t restart after reboot today.

BTW: the “my-domain” and “other-domain” lines (marked in orange) must have been
set wrongly some time before.

Just want to know: as we don’t need these cert lines in dovecot.conf anyway,
is there a setting to switch this behaviour of virtualmin off? I mean - we need
only the mail server’s cert in dovecot and no other.

Best regards,
Falko

PS: resolved this by manually removing the superfluous lines. Versions:
webmin:all/virtualmin-universal 1.954
webmin-virtual-server:all/virtualmin-universal 6.11.gpl

Did you do this morning’s updates? I think one of them fixed this.

Richard

As far as I know this was fixed by Webmin 1.954. But, I guess the updates didn’t happen on your system until after the LE update.

Hi Richard, Joe,

thanx for your answers. Yes, at the time of the letsencrypt run on Saturday evening, Webmin was perhaps at 1.953. The update to 1.954 was on Sunday before the reboot.

I usually do not use the letsencrypt functionality in webmin/virtualmin,
but “dehydrated” with an own script. https://github.com/ftrojahn/letsencrypt-autorenew#readme

The above errors came from some “leftover” domains, not set to “only renew manually”.

But my question was:

Maybe this wasn’t clear enough. As I use only one host/domain per Server for mail/mx
for all domains, I don’t need all these certificate entries in dovecot.conf at all.

Is there a setting/way to disable entering these unneeded and error-prone lines in
dovecot.conf at all? I think something like “postfix per ip” is comparable, isn’t it?

thanx in advance,
Falko

I don’t think there is any way to disable it, but I think our priority is fixing it so it doesn’t break Dovecot, and as far as I know, it is fixed. But, if there are still issues, we need to figure out what they are.

But, then again, I do think “one main domain” is still a better and more manageable/reliable practice for mail for most users, so maybe we do need an option to not set up SNI for dovecot.

Funny this, my entire mail server went offline because somehow virtualmin mysteriously removed a closing bracket off the end of a single domain's SSL directives. I can't believe it, how does this happen from an update exactly?

You could attempt to say I did it, however the mail server config file was auto-generated and I haven't touched it. Manually adding in the mysteriously missing closing bracket for that one domain resolved the issue immediately and the mail server started working again.

Hello Joe,

Ok, thanx for your answer - I’ve always set up my servers so that I use only one mail server, and never had to think about the other certificates in dovecot.conf up to now. This “one mail server” has only one drawback AFAIK: if you move only one domain from a server to another, imap/pop3/smtp entries on the clients (and perhaps mx) have to be changed, too.

The good thing is: With one mail server, you have IMHO a better reputation and need only one feedback loop per big provider. Usually, if the mail server has only one IP - and surely only one reverse dns - the mails of all hosted domains come from this mailname/postfix server domain. So I always found it easier to adjust the autoconfig files with this single server name. If all domains move to another host, maybe you have a failover IP anyway and can move it along, too.

Just my 2¢
Falko

Sorry to say, but it happened again, on the same server, which had been corrected and upgraded
to webmin 1.954 as stated above.

doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: Missing '}' (section started at /etc/dovecot/dovecot.conf:115)

So I may only assume, that this is not really fixed somewhere.
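
Added example, not part of any post in this thread and not Virtualmin or Dovecot code: a pre-restart check that reports where a section in a Dovecot-style config was left unclosed, the condition behind the `Missing '}'` error quoted above. The function names and the sample config are constructed for illustration, and the parser assumes sections open with `{` at the end of a line and close with `}` on a line of its own.

```python
"""Added example: pre-restart brace check for a Dovecot-style config."""

def _strip_comment(line):
    """Drop a trailing # comment, ignoring # inside quoted values."""
    quote = None
    for i, ch in enumerate(line):
        if quote:
            if ch == quote:
                quote = None
        elif ch in "\"'":
            quote = ch
        elif ch == "#":
            return line[:i]
    return line

def find_brace_errors(text):
    """Return a list of (line_number, message) for unbalanced sections."""
    open_sections = []   # stack of (line_number, section header)
    errors = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = _strip_comment(raw).strip()
        if not line:
            continue
        if line.endswith("{"):
            open_sections.append((lineno, line[:-1].strip()))
        elif line == "}":
            if open_sections:
                open_sections.pop()
            else:
                errors.append((lineno, "'}' without an open section"))
    # Anything still on the stack was never closed.
    for lineno, header in open_sections:
        errors.append((lineno, f"missing '}}' for section '{header}'"))
    return errors

# Constructed sample: two per-domain SNI blocks; the first lost its closing brace.
SAMPLE_BROKEN = """\
ssl_cert = </etc/ssl/mail.example.test.crt
local_name my-domain.example.test {
  ssl_cert = </home/my-domain/ssl.cert  # per-domain cert
  ssl_key = </home/my-domain/ssl.key
local_name other-domain.example.test {
  ssl_cert = </home/other-domain/ssl.cert
  ssl_key = </home/other-domain/ssl.key
}
"""
SAMPLE_FIXED = SAMPLE_BROKEN.replace("ssl.key\nlocal_name", "ssl.key\n}\nlocal_name")

if __name__ == "__main__":
    for lineno, msg in find_brace_errors(SAMPLE_BROKEN):
        print(f"line {lineno}: {msg}")
```

Running `doveconf -n` after any automated certificate update and restarting Dovecot only when it exits successfully gives the authoritative version of this check.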