Hurricane Electric's IPv6 Tunnel Broker Forums

IPv6 Certification Program Topics => General Discussion => Topic started by: pcreager on April 09, 2011, 12:00:37 PM

Title: [SOLVED] Posftfix on IPv6 only
Post by: pcreager on April 09, 2011, 12:00:37 PM
I'm running Ubuntu as my IPv6 testbed.  I'm trying to get Postfix to use the IPv6 interface only, but it doesn't seem to be listening on it.

My Postfix main.cf has the following:
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix

myhostname = mailv6.pcv6.net

inet_interfaces = [::1], [2001:470:1f04:1af2::2]

mydestination = mailv6.pcv6.net, localhost.localdomain, localhost, pcv6.net

unknown_local_recipient_reject_code = 550

mynetworks = [::1]/128, [2001:470:1f05:1af2::]/64
smtp_bind_address6 = 2001:470:1f04:1af2::2
inet_protocols = ipv6

home_mailbox = Maildir/

smtpd_banner = $myhostname ESMTP $mail_name (@@DISTRO@@)

debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    ddd $daemon_directory/$process_name $process_id & sleep 5

sendmail_path =
newaliases_path =
mailq_path =
setgid_group =
html_directory =
manpage_directory =
sample_directory =
readme_directory =


In UFW I have port 25 opened:
[18] 25/tcp                     ALLOW IN    Anywhere (v6)


Anyone done this or can otherwise offer suggestions?  Thanks.
Title: Re: Posftfix on IPv6 only
Post by: jimb on April 09, 2011, 02:19:05 PM
Do a "netstat -anp" and see if it's listening?   If it's not, it's something in your posftfix config, or you're not running it (start it).  If it is, it's firewall related.  I don't use UFW (it's just a front end to iptables).  Check ip6tables --list to see if it really put a rule in the INPUT chain (presuming your postfix server is your IPv6 gateway, if not it needs to be in the FORWARD chain).

Title: Re: Posftfix on IPv6 only
Post by: pcreager on April 09, 2011, 02:30:17 PM
Thanks - I got it working by re-running the config (dpkg-reconfigure postfix).  Now it is listening on port 25 on the IPv6 interface, and I've confirmed the outside can reach it.

But mails aren't making it through - wading through the Postfix docs now...  (I know very little about Postfix or running my own MTA.)
Title: Re: Posftfix on IPv6 only
Post by: broquea on April 09, 2011, 02:37:21 PM
Seems to connect ok, how did you configure your MX record?

~$ telnet 2001:470:1f04:1af2::2 25
Trying 2001:470:1f04:1af2::2...
Connected to 2001:470:1f04:1af2::2.
Escape character is '^]'.
220 vmub64v6.localdomain ESMTP Postfix (Ubuntu)
Title: Re: Posftfix on IPv6 only
Post by: pcreager on April 09, 2011, 02:48:00 PM
mailv6.pcv6.net.   IN   AAAA    2001:470:1F04:1AF2::2
pcv6.net.      IN   MX      100 mailv6.pcv6.net.

I see the attempts from he.net coming in, but the error is:
Apr  9 14:19:29 mailv6 postfix/smtpd[4554]: connect from ipv6.he.net[2001:470:0:64::2]
Apr  9 14:19:29 mailv6 postfix/smtpd[4554]: NOQUEUE: reject: RCPT from ipv6.he.net[2001:470:0:64::2]: 554 5.7.1 <hostmaster@pcv6.net>: Relay access denied; from=<ipv6@he.net> to=<hostmaster@pcv6.net> proto=ESMTP helo=<ipv6.he.net>
Apr  9 14:19:29 mailv6 postfix/smtpd[4554]: warning: non-SMTP command from ipv6.he.net[2001:470:0:64::2]: To:
Apr  9 14:19:29 mailv6 postfix/smtpd[4554]: disconnect from ipv6.he.net[2001:470:0:64::2]
Apr  9 14:20:58 mailv6 postfix/master[4471]: terminating on signal 15
Title: Re: Posftfix on IPv6 only
Post by: pcreager on April 09, 2011, 03:46:50 PM
Success!  I am now a Professional.   ;D

I had to allow the he.net source address in mynetworks.  What was tripping me up throughout all this was: I would make changes in main.cf, but these don't seem to (always) be reflected in postconf -n, even after a full stop/start.  So once I used postconf -e to make the changes I got it working.

Thanks all.