On 08 Sep 2017, at 12:21, Ralph Seichter <m16+dove...@monksofcool.net> wrote: > On 08.09.2017 19:51, @lbutlr wrote: >> How I would do it is IF the certificate is expired, the dovecot should >> check if there is a new cert and if so, load it.
> New cert as in file modification date or checksum changed? Either one, but checksum is going to be more reliable. > Might work. Still, from what I seem to remember, Dovecot loads certificate > data before dropping privileges, which is why reloading the data might be > problematic without some changes. Can't dovecot reload itself? That could be a problem if not. > Not worth spending development effort on, IMO, given that Dovecot can easily > be restarted by the external processes that update the cert (like Certbot > hook, Ansible, etc.). All I'm saying is that it's a failure event that doesn't need to occur. -- Apple broke AppleScripting signatures in Mail.app, so no random signatures.
