sendmail confile sendmail.mc has IPv6 enabled, and I test it with:

telnet -6 IPv6addr smtp

or

telnet -6 ::1 smtp

What I expect to see is the usual text from the SMTP login that you get from

an IPv4 telnet session.

At best, I get a connection but no text

or come back with Connection refused?

What am I doing wrong?

Rocky 9.5 sendmail.mc line 148

DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6’) causes the sendmail daemon to hang started by systemctl.

Fedora 40 my home email server - now IPv6 rx is working. Though nothing coming in in 3hrs.

I have to get my ISP to do reverse DNS yet.

Fedora 41 my test machine on the Telstra Business plan cannot send out IPv6..

[root@server3 mail]# /usr/sbin/sendmail -bd -d0.10
Version 8.16.1
Compiled with: DANE DNSMAP HES_GETMAILHOST IPV6_FULL LDAPMAP
LDAP_NETWORK_TIMEOUT LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB=5.3 CDB=1
PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS TLS_EC
TLS_VRFY_PER_CTX USERDB USE_LDAP_INIT
OS Defines: ADDRCONFIG_IS_BROKEN HASFCHOWN HASFCHMOD
HASGETDTABLESIZE HAS_GETHOSTBYNAME2 HASINITGROUPS HASLSTAT
HASNICE HASRANDOM HASRRESVPORT HASSETREGID HASSETREUID
HASSETRLIMIT HASSETSID HASSETVBUF HASURANDOMDEV HASSTRERROR
HASUNAME HASUNSETENV HASWAITPID IDENTPROTO NEEDSGETIPNODE
REQUIRES_DIR_FSYNC SFS_VFS USE_DOUBLE_FORK USE_SIGLONGJMP
Kernel symbols: /boot/vmlinux
Conf file: /etc/mail/submit.cf (default for MSP)
Conf file: /etc/mail/sendmail.cf (default for MTA)
Pid file: /var/run/sendmail.pid (default)
Canonical name: server3
UUCP nodename: server3
a.k.a.: [IPv6:2001:8003:3b6c:ad00:2b91:c9ba:84f4:5c4f]
a.k.a.: [IPv6:fe80:0:0:0:daf7:62e4:e9af:3a44]
Conf file: /etc/mail/sendmail.cf (selected)
Pid file: /var/run/sendmail.pid (selected)

============ SYSTEM IDENTITY (after readcf) ============

(short domain name) $w = server3
(canonical domain name) $j = server3
(subdomain name) $m =
(node name) $k = server3

========================================

Rocky 9.5 where sendmail is OK without IPv6 on.

Sendmail with debug -d0.20

mailer 0 (prog): P=/usr/sbin/smrsh S=EnvFromL/HdrFromL R=EnvToL/HdrToL M=0 U=-1:-1 F=9DFMeloqsu L=0 E=\n T=X-Unix/X-Unix/X-Unix r=100 A=smrsh -c $u
mailer 1 (file): P=[FILE] S=parse/parse R=parse/parse M=0 U=-1:-1 F=9DEFMPloqsu L=0 E=\n T=X-Unix/X-Unix/X-Unix r=100 A=FILE $u
mailer 2 (include): P=/dev/null S=parse/parse R=parse/parse M=0 U=-1:-1 F=su L=0 E=\n T=// r=100 A=INCLUDE $u
mailer 3 (smtp): P=[IPC] S=EnvFromSMTP/HdrFromSMTP R=EnvToSMTP/EnvToSMTP M=0 U=-1:-1 F=DFMXmu L=990 E=\r\n T=DNS/RFC822/SMTP r=100 A=TCP $h
mailer 4 (esmtp): P=[IPC] S=EnvFromSMTP/HdrFromSMTP R=EnvToSMTP/EnvToSMTP M=0 U=-1:-1 F=DFMXamu L=990 E=\r\n T=DNS/RFC822/SMTP r=100 A=TCP $h
mailer 5 (smtp8): P=[IPC] S=EnvFromSMTP/HdrFromSMTP R=EnvToSMTP/EnvToSMTP M=0 U=-1:-1 F=8DFMXmu L=990 E=\r\n T=DNS/RFC822/SMTP r=100 A=TCP $h
mailer 6 (dsmtp): P=[IPC] S=EnvFromSMTP/HdrFromSMTP R=EnvToSMTP/EnvToSMTP M=0 U=-1:-1 F=%DFMXamu L=990 E=\r\n T=DNS/RFC822/SMTP r=100 A=TCP $h
mailer 7 (relay): P=[IPC] S=EnvFromSMTP/HdrFromSMTP R=MasqSMTP/MasqSMTP M=0 U=-1:-1 F=8DFMXamu L=2040 E=\r\n T=DNS/RFC822/SMTP r=100 A=TCP $h
mailer 8 (procmail): P=/usr/bin/procmail S=EnvFromSMTP/HdrFromSMTP R=EnvToSMTP/HdrFromSMTP M=0 U=-1:-1 F=9DFMPShnu L=0 E=\n T=DNS/RFC822/X-Unix r=100 A=procmail -Y -m $h $f $u
mailer 9 (local): P=/usr/bin/procmail S=EnvFromL/HdrFromL R=EnvToL/HdrToL M=0 U=-1:-1 F=/59:@ADFMPSfhlnqsw| L=0 E=\n T=DNS/RFC822/X-Unix r=100 A=procmail -t -Y -a $h -d $u

In the end, my ISP assigned me an IPv4 address, I configured DNS and awaited

IPv6 email, nothing for 3hrs, added Port Forward for IPv4 SMTP port in router, email

came flooding in! So much for IPv6 as email transport.. Fedora 40 box.

Still cannot get Rocky9,5 sendmail receiving IPv6 port SMTP.

Close this for now.

On this subject: IPv6 opens up a server behind the router to all ports.

In the IPv4 system of NAT routers, the router was a firewall.

Only specific ports to specific LAN hosts were let in. A simple but effective setup.

If you do look at the default firewall ruleset (created by FirewallD) in Rocky, you should see that there is filtering for forwarded (i.e. routed) traffic, and default is to reject. In other words, if Rocky is used as router, then one has to “let in specific ports” even for IPv6.

If you do add a “port forward” with FirewallD, you do get (or did get with earlier version of FirewallD) two rules: (a) the obvious DNAT rule, and (b) rule into forward filter to allow the redirected traffic to pass through the router.

If (S)NAT is not used in router – the IPv4 does not require it – then one still has to allow the redirected traffic to pass through the router, unless the default is set to allow everything.

One can ask whether the “NAT routers” default to passing everything, or to denying everything. IMHO, the default should be “deny”, just like in Rocky.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.