On 08 Sep 2017, at 09:28, Вадим Бажов <[email protected]> wrote: > "I think it’s probably easier to just kick dovecot once a month." - > that's not good from system administration's point of view. You can > get into trouble when certificate is renewed but dovecot isn't > reloaded yet.
That's simply not possible. The cert renews well before it expires. > "it seems like checking the certs is something that dovecot should be > doing on its own" if dovecot loads it in memory, it shouldn't reread > certificates. Of course it should because certs are DESIGNED to expire and MUST expire, and dovecot certainly has the ability to see when the cert expires. > Why to take servers resources just 'because of something > may be changed' Something WILL be changed, absolutely certain of that. All certs expire. > restarting dovecot with no need ? restarting/reloading dovecot is trivial and takes far less time than writing a script to check the certs and then creating a crontab for that which also gives a tertiary point of failure. -- Apple broke AppleScripting signatures in Mail.app, so no random signatures.
