Hello!
I had a similar problem starting OpenSMTPD at boot in CentOS 7.
Solved it by using *listen on 0.0.0.0* instead of *listen on eth0*
Good luck,
Reio
On 18.03.2018 14:54, Richard wrote:
On Sun, 18 Mar 2018, Harald Dunkel wrote:
problem using opensmtpd 6.0.3 on Debian: I have set
xname=mailhost.example.com
:
limit mta inet4
listen on lo tls pki $xname
listen on eth0 tls pki $xname
listen on eth1 tls pki $xname
:
in smtpd.conf, but apparently this "limit" line ignored. At boot
time it tries to bind to a link-local IPv6 address. And this fails,
as strace shows:
:
695 setsockopt(11, SOL_SOCKET, SO_REUSEADDR, [1], 4
695 <... setsockopt resumed> )= 0
695 bind(11, {sa_family=AF_INET, sin_port=htons(25),
sin_addr=inet_addr("10.0.0.2")}, 16
695 <... bind resumed> ) = 0
695 socket(PF_INET6, SOCK_STREAM, IPPROTO_IP
695 <... socket resumed> )= 12
695 setsockopt(12, SOL_SOCKET, SO_REUSEADDR, [1], 4
695 <... setsockopt resumed> )= 0
695 setsockopt(12, SOL_IPV6, IPV6_V6ONLY, [1], 4
695 <... setsockopt resumed> )= 0
695 bind(12, {sa_family=AF_INET6, sin6_port=htons(25), inet_pton(AF_INET6,
"fe80::216:3aff:feca:38bb", _addr), sin6_flowinfo=0,
sin6_scope_id=if_nametoindex("eth0")}, 28
695 <... bind resumed> ) = -1 EADDRNOTAVAIL (Cannot assign
requested address)
695 write(2, "pony express: smtpd: bind: Canno"..., 59
695 <... write resumed> ) = 59
695 exit_group(1) = ?
695 +++ exited with 1 +++
"ip address show" (run immediately before smtpd) shows, that
the link-local address is still "tentative":
:
194: eth0@if195: mtu 1500 qdisc noqueue state
UP group default qlen 1000
link/ether 00:16:3a:ca:38:bb brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::216:3aff:feca:38bb/64 scope link tentative
valid_lft forever preferred_lft forever
:
If I try to run smtpd later, then it works.
It appears that "limit mta inet4" statement limits outgoing ipv6
connections but not incoming ipv6 connections...
Instead of the limit statement one might use a notation like this
which limits incoming and outgoing connections to ipv4 by interface:
listen on lo inet4 tls pki $xname
listen on eth0 inet4 tls pki $xname
listen on eth1 inet4 tls pki $xname
Richard Narron