diff --git a/harden_postfix.service.patch b/harden_postfix.service.patch
index b85a1fa..23839a5 100644
--- a/harden_postfix.service.patch
+++ b/harden_postfix.service.patch
@@ -1,7 +1,7 @@
-Index: postfix-3.6.2/postfix-SUSE/postfix.service
+Index: postfix-SUSE/postfix.service
 ===================================================================
---- postfix-3.6.2.orig/postfix-SUSE/postfix.service
-+++ postfix-3.6.2/postfix-SUSE/postfix.service
+--- postfix-SUSE/postfix.service.orig
++++ postfix-SUSE/postfix.service
 @@ -19,6 +19,24 @@ After=amavis.service mysql.service cyrus
  Conflicts=sendmail.service exim.service
  
diff --git a/postfix-SUSE.tar.gz b/postfix-SUSE.tar.gz
index 98a4945..cd6cd69 100644
--- a/postfix-SUSE.tar.gz
+++ b/postfix-SUSE.tar.gz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1853d69d3d8e46f877815bb850c6bbcf313b039f59284260cb000b5b821326fd
-size 24333
+oid sha256:aaf3ed81d89fccbfb37f61d485095fd9e959696e14bc108f6a72909642b440d6
+size 27532
diff --git a/postfix-avoid-infinit-loop-if-no-permission.patch b/postfix-avoid-infinit-loop-if-no-permission.patch
index d2a5d2b..9554f48 100644
--- a/postfix-avoid-infinit-loop-if-no-permission.patch
+++ b/postfix-avoid-infinit-loop-if-no-permission.patch
@@ -1,6 +1,8 @@
---- src/global/mail_queue.c-orig	2019-04-01 14:37:54.136169772 +0200
-+++ src/global/mail_queue.c	2019-04-01 14:42:35.191382999 +0200
-@@ -363,6 +363,14 @@
+Index: src/global/mail_queue.c
+===================================================================
+--- src/global/mail_queue.c.orig
++++ src/global/mail_queue.c
+@@ -363,6 +363,14 @@ VSTREAM *mail_queue_enter(const char *qu
  	    break;
  	if (errno == EEXIST || errno == EISDIR)
  	    continue;
diff --git a/postfix-bdb.changes b/postfix-bdb.changes
index 3bbd93e..3e090ca 100644
--- a/postfix-bdb.changes
+++ b/postfix-bdb.changes
@@ -1,3 +1,23 @@
+-------------------------------------------------------------------
+Tue May  3 20:16:49 UTC 2022 - chris@computersalat.de
+
+- fix config.postfix 'hash' leftover with relay_recipients
+- update postfix-main.cf.patch about
+  * smtp_tls_security_level (obsoletes smtp_use_tls, smtp_enforce_tls)
+  * smtpd_tls_security_level (obsoletes smtpd_use_tls, smtpd_enforce_tls)
+- rebase/refresh patches
+  * harden_postfix.service.patch
+  * postfix-avoid-infinit-loop-if-no-permission.patch
+  * postfix-master.cf.patch
+  * postfix-vda-v14-3.0.3.patch
+  * set-default-db-type.patch
+
+-------------------------------------------------------------------
+Mon May  2 07:27:19 UTC 2022 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Change ed requires to /usr/bin/ed: allow busybox-ed to be used
+  inside containers.
+
 -------------------------------------------------------------------
 Mon Apr 25 13:59:17 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
 
diff --git a/postfix-bdb.spec b/postfix-bdb.spec
index dfc3d95..782b47e 100644
--- a/postfix-bdb.spec
+++ b/postfix-bdb.spec
@@ -166,7 +166,7 @@ lmdb.
 %patch8
 %patch9
 %patch10
-%patch12 -p1
+%patch12
 
 # ---------------------------------------------------------------------------
 
diff --git a/postfix-main.cf.patch b/postfix-main.cf.patch
index 0dfb637..33c78ff 100644
--- a/postfix-main.cf.patch
+++ b/postfix-main.cf.patch
@@ -50,7 +50,7 @@ Index: conf/main.cf
  
  # PARALLEL DELIVERY TO THE SAME DESTINATION
  #
-@@ -673,4 +674,148 @@ sample_directory =
+@@ -673,4 +674,151 @@ sample_directory =
  # readme_directory: The location of the Postfix README files.
  #
  readme_directory =
@@ -133,6 +133,7 @@ Index: conf/main.cf
 +smtp_use_tls = no
 +#smtp_tls_loglevel = 0
 +smtp_enforce_tls = no
++smtp_tls_security_level = 
 +smtp_tls_CAfile = 
 +smtp_tls_CApath = 
 +smtp_tls_cert_file = 
@@ -143,6 +144,8 @@ Index: conf/main.cf
 +
 +smtpd_use_tls = no
 +#smtpd_tls_loglevel = 0
++smtpd_enforce_tls = no
++smtpd_tls_security_level = 
 +smtpd_tls_CAfile = 
 +smtpd_tls_CApath = 
 +smtpd_tls_cert_file = 
diff --git a/postfix-master.cf.patch b/postfix-master.cf.patch
index 6d949b7..c154cdd 100644
--- a/postfix-master.cf.patch
+++ b/postfix-master.cf.patch
@@ -1,5 +1,7 @@
---- conf/master.cf.orig	2021-08-26 16:04:04.762230066 +0200
-+++ conf/master.cf	2021-08-26 16:04:50.529792941 +0200
+Index: conf/master.cf
+===================================================================
+--- conf/master.cf.orig
++++ conf/master.cf
 @@ -10,6 +10,11 @@
  #               (yes)   (yes)   (no)    (never) (100)
  # ==========================================================================
@@ -12,7 +14,7 @@
  #smtp      inet  n       -       n       -       1       postscreen
  #smtpd     pass  -       -       n       -       -       smtpd
  #dnsblog   unix  -       -       n       -       0       dnsblog
-@@ -17,30 +22,32 @@
+@@ -17,30 +22,32 @@ smtp      inet  n       -       n
  # Choose one: enable submission for loopback clients only, or for any client.
  #127.0.0.1:submission inet n -   n       -       -       smtpd
  #submission inet n       -       n       -       -       smtpd
@@ -67,7 +69,7 @@
  #628       inet  n       -       n       -       -       qmqpd
  pickup    unix  n       -       n       60      1       pickup
  cleanup   unix  n       -       n       -       0       cleanup
-@@ -69,6 +76,26 @@
+@@ -69,6 +76,26 @@ lmtp      unix  -       -       n
  anvil     unix  -       -       n       -       1       anvil
  scache    unix  -       -       n       -       1       scache
  postlog   unix-dgram n  -       n       -       1       postlogd
@@ -94,7 +96,7 @@
  #
  # ====================================================================
  # Interfaces to non-Postfix software. Be sure to examine the manual
-@@ -102,7 +129,7 @@
+@@ -102,7 +129,7 @@ postlog   unix-dgram n  -       n
  # Also specify in main.cf: cyrus_destination_recipient_limit=1
  #
  #cyrus     unix  -       n       n       -       -       pipe
@@ -103,7 +105,7 @@
  #
  # ====================================================================
  #
-@@ -135,3 +162,10 @@
+@@ -135,3 +162,10 @@ postlog   unix-dgram n  -       n
  #mailman   unix  -       n       n       -       -       pipe
  #  flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  #  ${nexthop} ${user}
diff --git a/postfix-vda-v14-3.0.3.patch b/postfix-vda-v14-3.0.3.patch
index 58fabeb..7dfc1d3 100644
--- a/postfix-vda-v14-3.0.3.patch
+++ b/postfix-vda-v14-3.0.3.patch
@@ -19,7 +19,7 @@ Index: src/global/mail_params.h
 ===================================================================
 --- src/global/mail_params.h.orig
 +++ src/global/mail_params.h
-@@ -2620,6 +2620,54 @@ extern char *var_virt_uid_maps;
+@@ -2650,6 +2650,54 @@ extern char *var_virt_uid_maps;
  #define DEF_VIRT_GID_MAPS		""
  extern char *var_virt_gid_maps;
  
diff --git a/postfix.changes b/postfix.changes
index 6741881..3e090ca 100644
--- a/postfix.changes
+++ b/postfix.changes
@@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Tue May  3 20:16:49 UTC 2022 - chris@computersalat.de
+
+- fix config.postfix 'hash' leftover with relay_recipients
+- update postfix-main.cf.patch about
+  * smtp_tls_security_level (obsoletes smtp_use_tls, smtp_enforce_tls)
+  * smtpd_tls_security_level (obsoletes smtpd_use_tls, smtpd_enforce_tls)
+- rebase/refresh patches
+  * harden_postfix.service.patch
+  * postfix-avoid-infinit-loop-if-no-permission.patch
+  * postfix-master.cf.patch
+  * postfix-vda-v14-3.0.3.patch
+  * set-default-db-type.patch
+
 -------------------------------------------------------------------
 Mon May  2 07:27:19 UTC 2022 - Dominique Leuenberger <dimstar@opensuse.org>
 
diff --git a/postfix.spec b/postfix.spec
index 24287f6..4ecadc3 100644
--- a/postfix.spec
+++ b/postfix.spec
@@ -184,7 +184,7 @@ maps with Postfix, you need this.
 %patch9
 %patch10
 %patch11
-%patch12 -p1
+%patch12
 
 # ---------------------------------------------------------------------------
 
diff --git a/set-default-db-type.patch b/set-default-db-type.patch
index 227d202..2e7604f 100644
--- a/set-default-db-type.patch
+++ b/set-default-db-type.patch
@@ -38,7 +38,7 @@ Index: src/util/sys_defs.h
  #define ALIAS_DB_MAP	DEF_DB_TYPE ":/etc/aliases"
  #ifndef NO_NIS
  #define HAS_NIS
-@@ -841,7 +841,7 @@ extern int initgroups(const char *, int)
+@@ -844,7 +844,7 @@ extern int initgroups(const char *, int)
  #define DEF_MAILBOX_LOCK "dotlock"	/* verified RedHat 3.03 */
  #define HAS_FSYNC
  #define HAS_DB
@@ -47,7 +47,7 @@ Index: src/util/sys_defs.h
  #define ALIAS_DB_MAP	DEF_DB_TYPE ":/etc/aliases"
  #ifndef NO_NIS
  #define HAS_NIS
-@@ -874,7 +874,7 @@ extern int initgroups(const char *, int)
+@@ -877,7 +877,7 @@ extern int initgroups(const char *, int)
  #define DEF_MAILBOX_LOCK "fcntl, dotlock"	/* RedHat >= 4.x */
  #define HAS_FSYNC
  #define HAS_DB
@@ -56,7 +56,7 @@ Index: src/util/sys_defs.h
  #define ALIAS_DB_MAP	DEF_DB_TYPE ":/etc/aliases"
  #ifndef NO_NIS
  #define HAS_NIS
-@@ -1199,7 +1199,7 @@ extern int opterr;			/* XXX use <getopt.
+@@ -1202,7 +1202,7 @@ extern int opterr;			/* XXX use <getopt.
  #define INTERNAL_LOCK	MYFLOCK_STYLE_FCNTL
  #define DEF_MAILBOX_LOCK "fcntl, dotlock"
  #define HAS_FSYNC
@@ -69,7 +69,7 @@ Index: src/global/mail_params.h
 ===================================================================
 --- src/global/mail_params.h.orig
 +++ src/global/mail_params.h
-@@ -2923,7 +2923,7 @@ extern int var_vrfy_pend_limit;
+@@ -2953,7 +2953,7 @@ extern int var_vrfy_pend_limit;
  extern char *var_verify_service;
  
  #define VAR_VERIFY_MAP			"address_verify_map"
@@ -78,7 +78,7 @@ Index: src/global/mail_params.h
  extern char *var_verify_map;
  
  #define VAR_VERIFY_POS_EXP		"address_verify_positive_expire_time"
-@@ -3691,7 +3691,7 @@ extern char *var_multi_cntrl_cmds;
+@@ -3721,7 +3721,7 @@ extern char *var_multi_cntrl_cmds;
    * postscreen(8)
    */
  #define VAR_PSC_CACHE_MAP	"postscreen_cache_map"