Hello,
Sorry to ask the question again but are your mails transmitted in IPv6 ?Does
opensmtpd favors IPv6 over IPv4 when it has the choice ?
Regards
Le jeudi 12 janvier 2023 à 02:35:41 UTC+1, Mik J <[email protected]> a
écrit :
Hello John, Tobias,
Thank you for your answers.
I was not favoring the DNS.
* On my mail server # dig google.fr mx
; <<>> dig 9.10.8-P1 <<>> google.fr mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1014
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.fr. IN MX
;; ANSWER SECTION:
google.fr. 300 IN MX 0 smtp.google.com.
;; ADDITIONAL SECTION:
smtp.google.com. 278 IN AAAA 2a00:1450:400c:c02::1a
smtp.google.com. 278 IN AAAA 2a00:1450:400c:c07::1b
smtp.google.com. 278 IN AAAA 2a00:1450:400c:c08::1a
smtp.google.com. 278 IN AAAA 2a00:1450:400c:c08::1b
# dig smtp.google.com aaaa
; <<>> dig 9.10.8-P1 <<>> smtp.google.com aaaa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9990
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;smtp.google.com. IN AAAA
;; ANSWER SECTION:
smtp.google.com. 300 IN AAAA 2a00:1450:400c:c07::1b
smtp.google.com. 300 IN AAAA 2a00:1450:400c:c02::1a
smtp.google.com. 300 IN AAAA 2a00:1450:400c:c08::1b
smtp.google.com. 300 IN AAAA 2a00:1450:400c:c08::1a
Then on my DNS I log the queries11-Jan-2023 22:48:01.846 client @0xf4ff7212d0
10.mailserverIP#40443 (gmail.com): query: gmail.com IN MX +
(10.dnserverIP)11-Jan-2023 22:48:01.854 client @0xf4ff7212d0 10.mailserverIP
#32810 (alt2.gmail-smtp-in.l.google.com): query:
alt2.gmail-smtp-in.l.google.com IN A + (10.dnserverIP)11-Jan-2023 22:48:01.854
client @0xf571e5f2d0 10.mailserverIP #17570 (gmail-smtp-in.l.google.com):
query: gmail-smtp-in.l.google.com IN A + (10.dnserverIP)11-Jan-2023
22:48:01.855 client @0xf4a58892d0 10.mailserverIP #14392
(alt1.gmail-smtp-in.l.google.com): query: alt1.gmail-smtp-in.l.google.com IN A
+ (10.dnserverIP)11-Jan-2023 22:48:01.855 client @0xf5223412d0 10.mailserverIP
#31444 (alt4.gmail-smtp-in.l.google.com): query:
alt4.gmail-smtp-in.l.google.com IN A + (10.dnserverIP)11-Jan-2023 22:48:01.856
client @0xf4df0972d0 10.mailserverIP #1669 (alt3.gmail-smtp-in.l.google.com):
query: alt3.gmail-smtp-in.l.google.com IN A + (10.dnserverIP)11-Jan-2023
22:48:01.869 client @0xf571e5f2d0 10.mailserverIP #10862
(gmail-smtp-in.l.google.com): query: gmail-smtp-in.l.google.com IN AAAA +
(10.dnserverIP)11-Jan-2023 22:48:01.876 client @0xf5223412d0 10.mailserverIP
#11052 (alt2.gmail-smtp-in.l.google.com): query:
alt2.gmail-smtp-in.l.google.com IN AAAA + (10.dnserverIP)11-Jan-2023
22:48:01.877 client @0xf4a58892d0 10.mailserverIP #31097
(alt1.gmail-smtp-in.l.google.com): query: alt1.gmail-smtp-in.l.google.com IN
AAAA + (10.dnserverIP)11-Jan-2023 22:48:01.877 client @0xf4ff7212d0
10.mailserverIP #15242 (alt4.gmail-smtp-in.l.google.com): query:
alt4.gmail-smtp-in.l.google.com IN AAAA + (10.dnserverIP)11-Jan-2023
22:48:01.878 client @0xf5336c82d0 10.mailserverIP #1836
(alt3.gmail-smtp-in.l.google.com): query: alt3.gmail-smtp-in.l.google.com IN
AAAA + (10.dnserverIP)
On my mail server logs I can see that IPv6 is not used Jan 11 22:47:56
mailserver smtpd[20101]: 3c9017a91b90aff8 smtp connected address=127.0.0.1
host=localhost
Jan 11 22:47:56 mailserver smtpd[20101]: 3c9017a91b90aff8 smtp message
msgid=d1edf87d size=1104 nrcpt=1 proto=ESMTP
Jan 11 22:47:56 mailserver smtpd[20101]: 3c9017a91b90aff8 smtp envelope
evpid=d1edf87d4087c230 from=<[email protected]> to=<[email protected]>
Jan 11 22:47:56 mailserver smtpd[20101]: 3c9017a91b90aff8 smtp disconnected
reason=quit
Jan 11 22:47:56 mailserver smtpd[20101]: 3c9017ac667d462b mta connecting
address=smtp://127.0.0.1:10025 host=localhost
Jan 11 22:47:56 mailserver smtpd[20101]: 3c9017ac667d462b mta connected
Jan 11 22:47:56 mailserver clamsmtpd: 100181: accepted connection from:
127.0.0.1
Jan 11 22:47:56 mailserver smtpd[20101]: 3c9017ada88be21f smtp connected
address=127.0.0.1 host=localhost
Jan 11 22:47:56 mailserver smtpd[20101]: 3c9017ada88be21f smtp message
msgid=da09c4a0 size=1339 nrcpt=1 proto=ESMTP
Jan 11 22:47:56 mailserver smtpd[20101]: 3c9017ada88be21f smtp envelope
evpid=da09c4a09c71da8f from=<[email protected]> to=<[email protected]>
Jan 11 22:47:56 mailserver smtpd[20101]: 3c9017ac667d462b mta delivery
evpid=d1edf87d4087c230 from=<[email protected]> to=<[email protected]>
rcpt=<-> source="127.0.0.1" relay="127.0.0.1 (localhost)" delay=0s result="Ok"
stat="250 2.0.0 da09c4a0 Message accepted for delivery"
Jan 11 22:47:56 mailserver clamsmtpd: 100181: [email protected],
[email protected], status=CLEAN
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017af9e152f41 mta connecting
address=smtp://127.0.0.1:10029 host=localhost
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017af9e152f41 mta connected
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017b0b9b5ff23 smtp connected
address=127.0.0.1 host=localhost
Jan 11 22:48:01 mailserver dkimproxy.out[53636]: DKIM signing - signed;
message-id=<[email protected]>,
signer=<[email protected]>, from=<[email protected]>
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017b0b9b5ff23 smtp message
msgid=9e291457 size=2269 nrcpt=1 proto=ESMTP
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017b0b9b5ff23 smtp envelope
evpid=9e29145712d79b97 from=<[email protected]> to=<[email protected]>
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017af9e152f41 mta delivery
evpid=da09c4a09c71da8f from=<[email protected]> to=<[email protected]>
rcpt=<-> source="127.0.0.1" relay="127.0.0.1 (localhost)" delay=5s result="Ok"
stat="250 2.0.0 9e291457 Message accepted for delivery"
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017b3991746f4 mta connecting
address=smtp://64.233.184.27:25 host=wa-in-f27.1e100.net
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017b3991746f4 mta connected
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017b3991746f4 mta tls
ciphers=TLSv1.3:TLS_AES_256_GCM_SHA384:256
Jan 11 22:48:01 mailserver smtpd[20101]: 3c9017b3991746f4 mta cert-check
result="unverified"
fingerprint="SHA256:c52373769af03068082fccc8a93a45de2aef4ad6d6e279020dfc73b7373d720c"
Jan 11 22:48:02 mailserver smtpd[20101]: 3c9017b3991746f4 mta delivery
evpid=9e29145712d79b97 from=<[email protected]> to=<[email protected]>
rcpt=<-> source="10.mailserverIP" relay="64.233.184.27 (wa-in-f27.1e100.net)"
delay=1s result="Ok" stat="250 2.0.0 OK 1673473682
i22-20020a05600c355600b003cf484ba59dsi18528521wmq.122 - gsmtp"
Jan 11 22:48:06 mailserver smtpd[20101]: 3c9017ada88be21f smtp disconnected
reason=quit
The last rules in my configuration areaction VERS-DKIM_OUT relay host
smtp://127.0.0.1:10029
match from local tag CLAM_OUT for any action VERS-DKIM_OUT
action RELAIE relay
match from local tag DKIM_SIGNE for any action RELAIE
Does opensmtpd favors IPv6 over IPv4 or does it favor IPv4 ?
Regards
Le mercredi 11 janvier 2023 à 20:11:47 UTC+1, John Batteen
<[email protected]> a écrit :
When I've run into this before, it was DNS. My resolver needed to be
configured to default to ipv6 responses. Not sure that will fix your issue but
it's a place to look.
Good luck,
John
On 1/10/2023 8:20 PM, Mik J wrote:
Hello,
My server has an IPv6 adress and is able to contact gmail mail server $
telnet 2a00:1450:400c:c0a::1a 25 Trying 2a00:1450:400c:c0a::1a...
Connected to 2a00:1450:400c:c0a::1a.
Escape character is '^]'.
220 mx.google.com ESMTP q7-20020a05600c46c700b003d9f3cf68d3si5203102wmo.92 -
gsmtp
I relay using this rule action RELAIE relay
match from local tag DKIM_SIGNE for any action RELAIE
But when I look at my logs, the mails are sent over IPv4 smtpd[30274]:
79ebd464bef0b2e0 mta delivery evpid=d2651839f3f0795f from=<[email protected]>
to=<[email protected]> rcpt=<-> source="10.1.2.2" relay="142.251.5.27
(wg-in-f27.1e100.net)" delay=1s result="Ok" stat="250 2.0.0 OK 1673402672
g14-20020adfa48e000000b00285261d0e19si12019405wrb.385 - gsmtp"
Any idea why this would happen ?
version: OpenSMTPD 7.0.0
