I'm having a new problem with ipv6. I'm running Debian (mostly testing release) on my laptop, with Postfix running simply to allow mutt to send when I don't have connectivity. The relevant postconf entries (full postconf -n below):
inet_protocols = all (default; not specified in main.cf) relayhost = [florina.renich.org]:587 On March 10, I have this log entry: Mar 10 08:59:49 basil postfix/smtp[10878]: C0CFC2401AA: to=<recipie...@host1.example.com>, relay=florina.renich.org[64.150.161.163]:587, delay=1.5, delays=0.13/0.04/1.2/0.11, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 84B16680B0) That was the last successful delivery through relayhost. The next outgoing message was on March 21: Mar 21 14:42:45 basil postfix/smtp[12587]: 3AF35240229: to=<recipie...@host2.example2.com>, relay=none, delay=0.47, delays=0.25/0.22/0/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=florina.renich.org type=AAAA: Host not found, try again) Postfix was last updated on February 5, from Debian postfix 3.1.4-3 to 3.1.4-4. etckeeper shows that the last changes to Postfix configuration came from that upgrade on that date (dynamicmaps.cf, makedefs.out, and /etc/aliases.db). mail.log shows Postfix was restarted on March 3, 11, 12, and 18. The DNS information for the relayhost has not changed in a long time, and it has never had an ipv6 entry (I control the tinydns server that is authoritative for that domain). From my laptop, various tools (host, dig, nslookup, dnsip) have no trouble resolving the relayhost's address, returning the correct ipv4 address. I even did a raw dump of the result from getaddrinfo("florina.renich.org", "587", ...) and got the expected result. First, why would the DNS query correctly give the ipv4 address on Mar 10, but then fail saying it could not find an ipv6 entry on Mar 21? I can find no configuration change or program version change that would explain this. Second, I would expect that with inet_protocols = all that if an ipv6 lookup fails, it would try an ipv4 lookup. Is that not the case? Do I need to explicitly specify which hosts should use ipv4? Third, I found a serverfault.com post[1] from 2014 where the answer said to use a transport map with an entry like example.com smtp-ipv4:[mail.domain.com] but it did not say anything about creating a service smtp-ipv4 in master.cf; was this answer just missing that info? Does the default Postfix config have that entry, but the Debian package doesn't? That same answer said that with inet_protocols=all Postfix should try ipv6 first, then fall back to ipv4. Since on my laptop, I am always sending through the relayhost, is the best solution to just set inet_protocols = ipv4? Is there a better solution? This is what I have done for now, and it works, but I have other Postfix servers, including the one on the relayhost (which has not yet shown any problem), and as it delivers globally, I would like to understand why my laptop's Postfix is having trouble. Thanks...Marvin [1] http://serverfault.com/questions/577134/postfix-host-or-domain-not-found # postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix/html inet_interfaces = loopback-only mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 mydestination = basil.localdomain, localhost.localdomain, localhost myhostname = basil.localdomain mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname readme_directory = /usr/share/doc/postfix recipient_delimiter = - relayhost = [florina.renich.org]:587 smtp_generic_maps = hash:/etc/postfix/generic smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_password smtp_sasl_security_options = noanonymous, noplaintext smtp_sasl_tls_security_options = noanonymous smtp_tls_security_level = may smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes