This announcement only affects self-hosters who are running Direct-delivery incoming email for self-hosted sites. Managed hosting customers, and self-hosters using POP3 for incoming mail are not affected.
As you may be aware, Let’s Encrypt recently changed their root certificate. The old root certificate expired today, and has caused a number of issues for out-of-date clients across the web. All of our systems at CDCK are up-to-date, and were not affected by today’s expiration. Unfortunately we missed the public mail-receiver docker image, which has not been updated for a few months.
This means that existing self-hosted mail-receiver installations will be unable to deliver mail to letsencrypt-secured sites.
We just pushed an updated version to DockerHub, which includes the new root certificate. Assuming you followed the official installation instructions, you can update your installation by running
docker pull discourse/mail-receiver:release
cd /var/discourse
./launcher rebuild mail-receiver
Mails received by broken installations will have been temporarily queued on the sending server. Those servers should attempt to redeliver the mail periodically, so any missed mails should arrive soon after you update the image.
If you’re still seeing issues after following these steps, make sure you’re running the release
version of mail-receiver. You can find information on that in this topic.
Sorry for the disruption here! Big thanks to @wlandgraf for initially reporting the issue, and helping us test the fix