[Discuss] Any Postfix + ipv6 people out there?

Thu, 31 May 2012 08:13:18 -0700 

Hi BLUers,

I've been working on enabling IPv6 on my personal servers and I ran into
a strange issue last night when I enabled v6 on my mail server.  All of
a sudden, all the rest of my local hosts that send daily logwatch emails
are being rejected (at least those that are v6-aware but don't have
public v6 addresses).  It's as if the permit_mynetworks isn't working
anymore with link-local addresses.

The error I get appears as if the smtpd_sender_restrictions is rejecting
the email, but it should accept it based on mynetworks:

smtpd_sender_restrictions = permit_mynetworks,
        permit_tls_clientcerts,
        permit_sasl_authenticated,
        check_sender_access hash:/etc/postfix/goodsender,
        check_sender_access hash:/etc/postfix/badsender,
        reject_unknown_sender_domain,
        reject_non_fqdn_sender,
        check_sender_access hash:/etc/postfix/sender_access,
        reject_unverified_sender,
        permit

I haven't found a good way to debug postfix and have it log exactly why
the mail is being prevented.  Here's the full log that I get in my maillog:

May 31 09:18:12 mail2 postfix/smtpd[26444]: connect from 
unknown[fe80::20c:29ff:fecf:7df0%eth0]
May 31 09:18:12 mail2 postfix/smtpd[26444]: setting up TLS connection from 
unknown[fe80::20c:29ff:fecf:7df0%eth0]
May 31 09:18:12 mail2 postfix/smtpd[26444]: Anonymous TLS connection 
established from unknown[fe80::20c:29ff:fecf:7df0%eth0]: TLSv1 with cipher 
DHE-RSA-AES256-SHA (256/256 bits)
May 31 09:18:12 mail2 postfix/smtpd[26444]: NOQUEUE: reject: RCPT from 
unknown[fe80::20c:29ff:fecf:7df0%eth0]: 450 4.1.7 <[email protected]>: Sender 
address rejected: unverified address: Address verification failed; 
from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<host.dom.ain>
May 31 09:18:12 mail2 postfix/smtpd[26444]: warning: network_biopair_interop: 
error reading 5 bytes from the network: Connection reset by peer
May 31 09:18:12 mail2 postfix/smtpd[26444]: disconnect from 
unknown[fe80::20c:29ff:fecf:7df0%eth0]

Any gurus around who can help me debug?

Thanks,

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       [email protected]                        PGP key available
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss

Reply via email to