On Wed, Dec 10, 2025 at 07:43:22PM +0100, Stéphane Guedon wrote: > I just tested all the connections on the server (port 25 and 587 for regular > mail service) and they are all this way. > > I mean, shouldn't starttls be this way ? This is different from smtps.
You're absolutely right, sorry for the noise. As for the rest, I'd look at the logs on th server side, they're probably more helpful as to why the connection is dropped. > > Thank you for the help. > > On 10.12.2025 17.09, Zé Loff wrote: > > On Wed, Dec 10, 2025 at 04:22:06PM +0100, Stéphane Guedon wrote: > > > I have this conf' in host blackblock : > > > > > > ip6 = "2a05:f6c7:de1::2" > > > listen on $ip6 tag SAFE tls-require pki blackblock port 10027 > > > > > > Blackblock listen on the proper port : > > > > > > debug: smtp: listen on [2a05:f6c7:de1::2] port 10027 flags 0x421 > > > > > > > > > And this in host dina : > > > > > > action "relay" relay host smtp+tls://[2a05:f6c7:de1::2]:10027 pki dina tls > > > protocols secure src 2603:c026:306:9211:f:10d:c:9f55 > > > > > > Here is dina trying to send mail through the relay : > > > > > > debug: mta: ... got source for > > > [relay:[2a05:f6c7:de1::2],port=10027,smtp+tls,pki_name=dina,mx,sourcetable=<dynamic:2>]: > > > [2603:c026:306:9211:f:10d:c:9f55] > > > debug: mta: connecting with > > > [connector:[2603:c026:306:9211:f:10d:c:9f55]->[relay:[2a05:f6c7:de1::2],port=10027,smtp+tls,pki_name=dina,mx,sourcetable=<dynamic:2>],0x8] > > > debug: mta: connector error > > > debug: mta: draining > > > [relay:[2a05:f6c7:de1::2],port=10027,smtp+tls,pki_name=dina,mx,sourcetable=<dynamic:2>] > > > refcount=1, ntask=3, nconnector=1, nconn=0 > > > debug: > > > mta_flush([relay:[2a05:f6c7:de1::2],port=10027,smtp+tls,pki_name=dina,mx,sourcetable=<dynamic:2>], > > > 82, "Network error on destination MXs") > > > 0000000000000000 mta delivery evpid=bf322e2a7fd910bd from=<> > > > to=<[email protected]> rcpt=<-> source="-" > > > relay="[2a05:f6c7:de1::2]" delay=6m51s result="TempFa > > > il" stat="Network error on destination MXs" > > > 0000000000000000 mta delivery evpid=d7e4032361bb147c from=<> > > > to=<[email protected]> rcpt=<-> source="-" > > > relay="[2a05:f6c7:de1::2]" delay=6m51s result="TempFa > > > il" stat="Network error on destination MXs" > > > 0000000000000000 mta delivery evpid=e74a3ace7ad6ad03 from=<> > > > to=<[email protected]> rcpt=<-> source="-" > > > relay="[2a05:f6c7:de1::2]" delay=6m51s result="TempFa > > > il" stat="Network error on destination MXs" > > > debug: mta: freeing > > > [relay:[2a05:f6c7:de1::2],port=10027,smtp+tls,pki_name=dina,mx,sourcetable=<dynamic:2>] > > > debug: mta: freeing > > > [connector:[2603:c026:306:9211:f:10d:c:9f55]->[relay:[2a05:f6c7:de1::2],port=10027,smtp+tls,pki_name=dina,mx,sourcetable=<dynamic:2>],0x8] > > > debug: mta: flush for e74a3ace7ad6ad03 (-> [email protected]) > > > debug: mta: flush for d7e4032361bb147c (-> [email protected]) > > > > > > > > > And yet I can do telnet from Dina to Blackblock : > > > > > > dina$ telnet -6 blackblock.22decembre.eu 10027 > > > Trying 2a05:f6c7:de1::2... > > > Connected to blackblock.22decembre.eu. > > > Escape character is '^]'. > > > 220 blackblock.22decembre.eu ESMTP OpenSMTPD > > This is a connection *without* TLS. > > > > > I cannot figure out where is it I am wrong. > > > > > > On 10.12.2025 13.33, Crystal Kolipe wrote: > > > > On Tue, Dec 09, 2025 at 05:32:24PM +0100, Stphane Guedon wrote: > > > > > When looking at the manual to smtpd.conf, on "action" and "relay" > > > > > nothing > > > > > says the relay host has to be ipv4. > > > > > > > > > > Yet, when writing my conf', it definitely looks like not to be > > > > > possible to > > > > > relay to an ipv6-only host (in my case, I wanted to dedicate a > > > > > specific ipv6 > > > > > address on the relay host). > > > > What exactly is the problem you're having? > > > > > > > > We have various setups with IPv6 only relay hosts, so it's definitely > > > > possible. > > > > > > > > > Is it possible that the relay function only sends mail to ipv4 > > > > > addresses ? > > > > No, it's not exclusive to IPv4, IPv6 is supported. > > > > > --
