I have the following in my smtpd.conf:
table sources { "x.x.x.x", "y:y:y:y::1" }
action act30 relay src <sources> helo domain.tld
match auth from any for any action act30As my interface has multiple IPv6 addresses, it allows me to select the IPv6 (and the IPv4) address to use and the domain to advertise for outgoing emails so that reverse and forward DNS entries match each other. If you remove the IPv4 address from the table sources, you should be able to only use IPv6 for outgoing emails. You can also create a special match rule to relay emails over IPv6 only for some recipients/domains, and have a more generic rule to relay emails over IPv4 or IPv6 for everyone else. On Thu, 20 Feb 2025 11:11:22 +1100 Aaron Mason wrote: > Got it in one. I'm glad I'm not the only one who sees it this way. > > Don't get me wrong, I see the value in blacklisting (and understand > that it costs money to run) but the moment someone starts asking for > money it becomes a money making exercise rather than a service for the > benefit of the online community. My service provider told me that > it's their policy (and apparently that of all major providers) not to > pay these fees because it would open the floodgates to increasing the > monetisation of blacklisting services which would hurt the online > community. > > Apparently using IPv6 makes Google angry so maybe the solution is to > move all this stuff in house and use a wireguard tunnel to a single > OpenBSD VM and proxy everything from there, since my home IP isn't > (currently) in their crosshairs. > > On Wed, Feb 19, 2025 at 9:43 PM Maksim Rodin <a23s4a2...@yandex.ru> wrote: > > > > I am sure it is all about UCEPROTECTL3, the most strange blacklist service > > whose authors behave like real scammers and extortionists. > > This blacklist service is strangely trusted and used by many "corporate" > > mail > > services (Microsoft is one of them). Nothing personal just business. > > We had to temporarily set up mail servers in other AS, > > before the AS where our primary mail server resides became green again. > > > > On Wed Feb 19 15:25:20 2025, Aaron Mason wrote: > > > Hi all > > > > > > I have a VPS running OpenBSD 7.6 that I set up to manage a mailing > > > list (yes I know mailchimp has a free tier but I'd rather my > > > recipients and I not be a product) only to find that my emails end up > > > in spam if they get sent at all. It turned out that their AS got added > > > to a prominent spam list and they won't pay to get it taken down > > > (which is probably fair - individual IPs I can understand, but at the > > > AS level it reeks of a protection racket) and as the only other > > > alternative is to wait a week for the entry to expire, they have two > > > options to offer me: > > > > > > - use ipv6 only; or > > > - ask the recipient not to use that blacklist (the latter in this case > > > is Google so may the odds be ever in favour of whoever tries that...) > > > > > > So let's go with the option I might actually be able to do - can I > > > force smtpd to send via ipv6? I can't see anything in public > > > documentation that suggests it's possible. There was once apparently > > > the ability to do this with 'limit mta inet6' but it seems to have > > > been removed in 6.4. > > > > > > Plan C is to use my OpenBSD-running VM for a wireguard tunnel and run > > > those services at home (which I have the infrastructure for but don't > > > want to rely on always having access to a static IP on a home > > > connection - this being Australia and all) but it'll mean having to > > > migrate my Zentyal VM to my Proxmox server and it was a pain getting > > > it where it is from Vultr in the first place... > > > > > > -- > > > Aaron Mason - Programmer, open source addict > > > I've taken my software vows - for beta or for worse > > > > > > > -- > > Best regards > > Maksim Rodin > > > > С уважением, > > Родин Максим > > > > -- > Aaron Mason - Programmer, open source addict > I've taken my software vows - for beta or for worse >
