• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

[SOLVED] Posftfix on IPv6 only

Started by pcreager, April 09, 2011, 12:00:37 PM

Previous topic - Next topic

pcreager

I'm running Ubuntu as my IPv6 testbed.  I'm trying to get Postfix to use the IPv6 interface only, but it doesn't seem to be listening on it.

My Postfix main.cf has the following:
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix

myhostname = mailv6.pcv6.net

inet_interfaces = [::1], [2001:470:1f04:1af2::2]

mydestination = mailv6.pcv6.net, localhost.localdomain, localhost, pcv6.net

unknown_local_recipient_reject_code = 550

mynetworks = [::1]/128, [2001:470:1f05:1af2::]/64
smtp_bind_address6 = 2001:470:1f04:1af2::2
inet_protocols = ipv6

home_mailbox = Maildir/

smtpd_banner = $myhostname ESMTP $mail_name (@@DISTRO@@)

debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    ddd $daemon_directory/$process_name $process_id & sleep 5

sendmail_path =
newaliases_path =
mailq_path =
setgid_group =
html_directory =
manpage_directory =
sample_directory =
readme_directory =


In UFW I have port 25 opened:
[18] 25/tcp                     ALLOW IN    Anywhere (v6)


Anyone done this or can otherwise offer suggestions?  Thanks.

jimb

Do a "netstat -anp" and see if it's listening?   If it's not, it's something in your posftfix config, or you're not running it (start it).  If it is, it's firewall related.  I don't use UFW (it's just a front end to iptables).  Check ip6tables --list to see if it really put a rule in the INPUT chain (presuming your postfix server is your IPv6 gateway, if not it needs to be in the FORWARD chain).


pcreager

Thanks - I got it working by re-running the config (dpkg-reconfigure postfix).  Now it is listening on port 25 on the IPv6 interface, and I've confirmed the outside can reach it.

But mails aren't making it through - wading through the Postfix docs now...  (I know very little about Postfix or running my own MTA.)

broquea

Seems to connect ok, how did you configure your MX record?

~$ telnet 2001:470:1f04:1af2::2 25
Trying 2001:470:1f04:1af2::2...
Connected to 2001:470:1f04:1af2::2.
Escape character is '^]'.
220 vmub64v6.localdomain ESMTP Postfix (Ubuntu)

pcreager

mailv6.pcv6.net.   IN   AAAA    2001:470:1F04:1AF2::2
pcv6.net.      IN   MX      100 mailv6.pcv6.net.

I see the attempts from he.net coming in, but the error is:
Apr  9 14:19:29 mailv6 postfix/smtpd[4554]: connect from ipv6.he.net[2001:470:0:64::2]
Apr  9 14:19:29 mailv6 postfix/smtpd[4554]: NOQUEUE: reject: RCPT from ipv6.he.net[2001:470:0:64::2]: 554 5.7.1 <hostmaster@pcv6.net>: Relay access denied; from=<ipv6@he.net> to=<hostmaster@pcv6.net> proto=ESMTP helo=<ipv6.he.net>
Apr  9 14:19:29 mailv6 postfix/smtpd[4554]: warning: non-SMTP command from ipv6.he.net[2001:470:0:64::2]: To:
Apr  9 14:19:29 mailv6 postfix/smtpd[4554]: disconnect from ipv6.he.net[2001:470:0:64::2]
Apr  9 14:20:58 mailv6 postfix/master[4471]: terminating on signal 15

pcreager

Success!  I am now a Professional.   ;D

I had to allow the he.net source address in mynetworks.  What was tripping me up throughout all this was: I would make changes in main.cf, but these don't seem to (always) be reflected in postconf -n, even after a full stop/start.  So once I used postconf -e to make the changes I got it working.

Thanks all.