On Wed, Oct 27, 2021 at 11:34:57AM +1100, raf wrote:
> > Is there a way, given a new warning about compatibility_level (say
> > you've been running with 3_5, and you're now running 3_6), to see
> > what changes to your config are effectively made by enabling that
> > level? (effectively, to show a defaults-diff, or any commands whose
> > behavior may not have the same meaning under a previous version)?
>
> I don't think there's a program to show this,
With `bash` inline /dev/fd/ files:
$ diff -U0 <(postconf -x -o compatibility_level=2) <(postconf -x -o
compatibility_level=3.6)
--- /dev/fd/63 2021-10-26 20:37:10.809193000 -0400
+++ /dev/fd/62 2021-10-26 20:37:10.810200000 -0400
@@ -64 +64 @@
-compatibility_level = 2
+compatibility_level = 3.6
@@ -305 +305 @@
-lmtp_tls_fingerprint_digest = md5
+lmtp_tls_fingerprint_digest = sha256
@@ -514 +514 @@
-process_id = 84278
+process_id = 84280
@@ -708 +708 @@
-smtp_tls_fingerprint_digest = md5
+smtp_tls_fingerprint_digest = sha256
@@ -789 +789 @@
-smtpd_relay_before_recipient_restrictions = no
+smtpd_relay_before_recipient_restrictions = yes
@@ -826 +826 @@
-smtpd_tls_fingerprint_digest = md5
+smtpd_tls_fingerprint_digest = sha256
@@ -893 +893 @@
-tlsproxy_client_fingerprint_digest = md5
+tlsproxy_client_fingerprint_digest = sha256
@@ -920 +920 @@
-tlsproxy_tls_fingerprint_digest = md5
+tlsproxy_tls_fingerprint_digest = sha256
The "process_id" entry should of course be ignored. As you can see the
changes from level "2" to level "3.6" are just md5 -> sha256, and the
order of relay vs. recipient restrictions matching documentation and
what you'd naively expect.
> but http://www.postfix.org/COMPATIBILITY_README.html is a short read,
> and probably answers the question well, as long as you are familiar
> with your existing configuration.
The documentation is indeed a good place to look.
--
Viktor.
