I found I have not received new e-mails today. E-mail server seemed ok and systemctl --state=failed did not show any services. A user phoned saying she gets "account error" when trying to use e-email, I'm not sure what that means. E-mails arrieved to server and file appeared in mailbox cur directory, but Thunderbird on my desktop did not show them. When trying to send, Thunderbird asked confirmation for skipping security check (was in Finnish, do not remember now what it actually asks in English). Thunderbird checking e-mail certificate showed it expired today. The certificate Thunderbird showed was created Fri, 18 Mar 2022. It looks like Thunderbird was showing the previous certificate, the e-mail server was using certificate created Tue, 17 May 2022 02:48:34 UTC when I checked with online tools. Server was booted 34 days ago, my desktop 8 days ago. I could not make heads or tails of this any further, so I restarded dovecot. That made todays e-mails appear in Thunderbird. Is it possible Thunderbird was not restarted or otherwise told to use the new certificate on 17th May?
I found it was not restarted: Code: Active: active (running) since Fri 2022-05-13 07:20:43 EEST; 1 months 3 days ago
I suspect that Dovecot was not restarted after certificate renewal. It fits in the timeline (server was up for 34 days, renewal would have been 28-30 days ago). So you should set up something to monitor cert changes and restart dovecot after. This guide handles that: https://www.howtoforge.com/securing...server-with-a-valid-lets-encrypt-certificate/