Hi, As of yesterday, the primary MX for madduck.net supports IPv6 and I've added the appropriate AAAA record. Unfortunately, this now causes b.mx.madduck.net, the backup MX, to reject mails, since I use permit_mx_backup_networks set to 213.203.238.82/32.
b.mx.madduck.net is also IPv6-connected, and I verified the IPv6-connectivity of both. Right now, b.mx.madduck.net does not accept any mail because the smtpd process dies on connection, due to the following problem. I am using postfix 2.5.2-2lenny1 on both machines. Mark Watts was unable to reproduce this with Mandriva 2008.1 stock RPMs (2.5.1); he tried to add an IPv6 address to permit_mx_backup_networks and add permit_mx_backup to the smtpd_recipient_restrictions. This could thus be a Debian-only bug, but I currently do not have the capacity to verify that. The problem seems to be that b.mx.madduck.net checks a.mx.madduck.net and then only extracts the IPv6 address (even for IPv4 connections) and tries to match that - which I haven't yet added to permit_mx_backup_networks yet. So I tried to add the IPv6 address to permit_mx_backup_networks in all of the following forms, yielding the same error in all cases: 2001:6f8:128a::1/128 # dict_open: unsupported dictionary type: 2001: [2001:6f8:128a::1]/128 # dict_open: unsupported dictionary type: [2001: [IPv6:2001:6f8:128a::1]/128 # dict_open: unsupported dictionary type: [IPv6: I think there are two issues here: 1. arguably, it should be enough for a IPv4 address to be appear in permit_mx_backup_networks to cause the machine to backup mail for dualstack primaries. 2. the IPv6 parsing in permit_mx_backup_networks needs fixing, it seems. Thank you, -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED] fighting for peace is like screwing for virginity. -- the irish times, washington dc spamtraps: [EMAIL PROTECTED]
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)
