Mel P via Postfix-users:
> On 2026-05-27 12:08, Wietse Venema via Postfix-users wrote:
> > Mel P via Postfix-users:
> >> On 2026-05-27 10:50, Wietse Venema via Postfix-users wrote:
> >>> Turning on Postfix IPv6 support without IPv6 connectivity would be
> >>> harmul for the Postfix SMTP client.
> >>
> >> IME worst case there's a few seconds delay when there's a partial
> >> network outage, but fallback is otherwise reliably seamless and
> >> instantaneous.
> >
> > You are missing one thing.
> >
> > The Postfix SMTP client will try only a limited number of IP
> > addresses, configured with smtp_mx_address_limit (default: 5).
> > This limit ensures that a receiver cannot get an unfair amount
> > of Postfix SMTP client resources.
> >
> > When a receiver lists a lot of IPv6 addresses that Postfix cannot
> > use, then smtp_balance_inet_protocols tries to ensure that there
> > will be ~2 IPv4 addresses. That is less than 5.
> >
> > The harm done then, is that Postfix will have fewer opportunities
> > to retry delivery. And depending on how exactly IPv6 is broken, the
> > failing connections my haver to time out.
>
> I did overlook that, but I would point out that the reverse is also
> true. If a receiver lists a lot IPv4 addresses, but the sender has IPv4
> reachability issues, the usable IPv6 addresses will similarly be
> supressed. That case is undoubtedly quite rare, but I have encountered
> fixed cellular ISPs where IPv6 is native, but IPv4 uses CGNAT for all
> customers.
I suppose that any tool can be misused...
Postfix balances v4 and v6 addresses, so that it still has a good
chance to deliver mail if one protocol has an outage.
But that is not a good reason to blindly enable Postfix IPv6 support.
Postfix also randomizes IP addresses (while respecting MX preferences)
so that mail won't get stuck with persistently bad MX hosts.
But that is not a good reason to reduce the smtp_mx_address_limit.
> All of this is merely IMO, of course. I personally would love to see
> the handling of inet_protocols changed to use compatibility_level at
> least, but I can also see the impetus to keep it as is.
I have opened a branch to migrate the current inet_protocols setting
to compatibility_level, with a note that there may be other
"upgrade-configuration" actions that also benefit from compatibility_level
migration.
Wietse
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
