Showing questions tagged: Show all questions

Confirmation e-mails

I do not have a junk folder in my left pane and have not created one in account settings. I have it enabled but fearing missing something important, I just delete them … (read more)

I do not have a junk folder in my left pane and have not created one in account settings. I have it enabled but fearing missing something important, I just delete them when flagged.

I have never heard from anyone telling me that their e-mails are not getting through.

The one thing I do notice is that when I create new accounts on web sites, I often do not get the confirmation e-mails.

Asked by JackNaylorPE 19 hours ago

Thunderbird MUST Be Caching TLS Certificates - Even Though It Doesn't ?!?!

Hi All, :-) I *know* (from various on-line posts over the years) that the accepted wisdom is that Thunderbird does *not* cache the TLS Certificates of the MDA(s) th… (read more)

Hi All, :-)

I *know* (from various on-line posts over the years) that the accepted wisdom is that Thunderbird does *not* cache the TLS Certificates of the MDA(s) that it connects too - however, I can come to no other conclusion but this based on the information and investigations I have been able to gather over the last several days.  :-(

Our MDA (Dovecot, with Postfix and back-ended by MariaDB) hosts a number of Email Domains, each with its own Let's Encrypt Certificate. Our Thunderbird clients correctly "obtain" (via SNI) the correct(?) TLS Certificate from the MDA for each given Email Domain - or at least, "obtains" the *old* (ie out of date / expired) Certs.

And here's the thing: I've just spent the last 2 days trying to work out why the "old" certs are still being "obtained".

I've:

  • Gone over the Dovecot (and Postfix) configs - nothing, all correct
  • Searched the Storage of the actual servers - only Certificates found are the *new* (ie renewed) ones
  • Confirming that the Certificates located are correct by inspecting them (using Step-CLI) - yes, they are correct
  • Cross-confirming (vi OpenSSH) that the correct (new) certificates are being server by Dovecot - yes, they are
  • Checked that the "old" Certificates do not exist *anywhere* on the mail server, the local PCs (Rocky Linux with KDE), nor the database server (on the server or in the database itself)
  • Cleaned the Thunderbird Certificate Stores of all but CA Certificates

And yet, Thunderbird bitches and complains that the MDA's Certificates are "out of date", and when I ask Thunderbird to show me the offending Cert it presents the correct (for the relevant Email Domain) but "old" (ie expired) Certificate.

So, could someone please help me out in working out WTF is going on?  :-)

And, FTR, I'm quite ready to "eat humble pie" if it turns out I've gone and Fire-trucked something - so feel free to tell me so if that's the case  :-)

Thanks in advance

Dulux-Oz

Asked by Dulux-Oz 6 days ago