Hello Matthias, Am 31.12.21 um 20:05 schrieb Matthias Andree: >> What must be done to get it working again?
This question has not been answered. I could only find out that this problems did arrive with the introduction of TLS1.3. > Unless you own "mydomain.de" you've now hit innocent bystanders, and in > that case, making up log data with a domain you do not own is not helpful. The security relevant logdata is of course anonymized or altered. > > If Thunderbird can fetch, either it has a local trust setting, or you've > missed installing the ca-certificates package, or, as László suggested, > the certificate is self-signed and you have not installed the signing > CA's certificate in the trust store. The OS of the client PC with Thunderbird and of the mailserver has not been upgraded, so why there should appear any problem? The problem only appears on the upgraded server, that downloads the emails and provides them internally. There where no problems with the upgrade of exim or dovecot, only with fetchmail. In the Internet are a mass of similar problems with fetchmail, but no description what exactly must be done to solve it. So maybe it would be a good idea to create such needed certificates with the upgrade scripts. Happy new year karsten
