Hi misc@.
I have a source table for IP-addresses I'd like to use bind to for
outgoing mail with OpenSMTPD. For some reason, I can't add
IPv6-addresses to it.
To give you an idea, without configuration outgoing mail goes out from
partyvan.eu (partyvan.eu [188.126.81.149]). This is unintended and
should instead use mail.partyvan.eu (mail.partyvan.eu [188.126.81.154])
or the equivalent IPv6-address. These are on the same physical server
and shared NIC.
I have an smtpd.conf [1] that looks like this (simplified):
table addresses file:/etc/mail/addresses
mail_host = "mail.partyvan.eu"
pki $mail_host certificate "/etc/ssl/mail.partyvan.eu.chained.pem"
pki $mail_host key "/etc/ssl/private/mail.partyvan.eu.key"
listen on lo0
accept from local for any relay source <addresses> \
hostname $mail_host pki $mail_host
/etc/mail/addresses [2]:
188.126.81.154
2a00:1a28:1510:1::154
However, any IPv6-address in /etc/mail/addresses is an error:
/etc/mail/smtpd.conf:18: invalid configuration file
/etc/mail/addresses for table addresses
This is OK in /etc/mail/addresses:
188.126.81.154
OpenSMTPD would also happily accept this:
188.126.81.154
188.126.81.155
According to table(5), a source table looks like:
192.168.1.2
192.168.1.3
::1
::2
ipv6:::3
ipv6:::4
But none of these are accepted in the addresses table with or without an
IPv4-address:
2a00:1a28:1510:1::154
[2a00:1a28:1510:1::154]
ipv6:2a00:1a28:1510:1::154
::1
So what am I doing wrong?
smtpd.conf(5) is very confusing about some of the syntaxes, such as:
relay [backup [mx]] [as address] [source <source>]
[hostname name] [hostnames <names>] [pki pkiname]
[tls [verify]]
In fact, source <source> makes OpenSMTPD think it's an netaddr table and
won't accept it in the previously mentioned relaying context. I call
this almost certainly to be a bug (in documentation). There were other
similar documentation quirks that I found.
I tried doing something with addrname tables, but mail is still sent out
from the default IP-address on the server which is not what I expected.
By the way, there seems to be no sensible way to make this compact on a
shared NIC:
mail_addr4 = "188.126.81.154"
mail_addr6 = "2a00:1a28:1510:1::154"
listen on $mail_addr4 tls pki $mail_host hostname $mail_host
listen on $mail_addr6 tls pki $mail_host hostname $mail_host
listen on $mail_addr4 port 587 tls-require pki $mail_host \
auth <secrets> hostname $mail_host
listen on $mail_addr6 port 587 tls-require pki $mail_host \
auth <secrets> hostname $mail_host
I thought an addrname table might help with it, but I couldn't find a
way to do it.
This is on OpenBSD 5.9 -stable. Help appreciated.
[1]: https://partyvan.eu/transparency/config/opensmtpd/smtpd.conf
[2]: https://partyvan.eu/transparency/config/opensmtpd/addresses
