after adding IPv6 config, getting fail on submission -> "fatal: open dictionary: expecting "type:name" form instead of "::1"" ?

PGNet Dev Mon, 03 Jan 2022 07:39:00 -0800

I'm trying to add IPv6 addresses to a previously IPv4-only/working 
internal-network submission node (mx1); the node receives submissions from 
another sending postfix instance (mx2)


I've botched something, & am getting an error I don't yet recognize/understand,

        fatal: open dictionary: expecting "type:name" form instead of "::1"

, and am not sure where to look for the cause.

any clues appreciated!

the submission node's master.conf contains

        [internal.mx2.example.loc]:465 inet n - n - - smtpd -v
         -o syslog_name=postfix/submit-from-mx2-backend
         -o smtpd_banner=internal.mx2.example.loc.465
         -o receive_override_options=no_unknown_recipient_checks
         -o smtpd_milters=unix:/run/dkimpy-milter/dkimpy-milter.sock
         -o milter_macro_daemon_name=DKIM_ORIGINATING
         -o smtpd_tls_loglevel=1
         -o smtpd_tls_security_level=secure
         -o smtpd_tls_wrappermode=yes
         -o smtpd_tls_auth_only=yes
         -o 
tls_high_cipherlist=TLS13-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305
         -o smtpd_tls_mandatory_protocols=!TLSv1.1,!TLSv1,!SSLv3,!SSLv2
         -o smtpd_tls_mandatory_ciphers=high
         -o smtpd_sasl_auth_enable=no
         -o tls_append_default_CA=no
         -o smtpd_tls_CAfile=${ssl_keys_dir}/myCA.CHAIN.crt.pem
         -o 
smtpd_tls_cert_file=${ssl_keys_dir}/internal.mx2.example.loc.server.EC.crt.pem
         -o 
smtpd_tls_key_file=${ssl_keys_dir}/internal.mx2.example.loc.server.EC.key.pem
         -o 
smtpd_authorized_xforward_hosts=127.0.0.0/8,[::1],10.16.1.50,10.16.2.100,[fd72:16:1::50],[fd72:16:2::100]
         -o 
mynetworks=127.0.0.0/8,[::1],10.16.1.50,10.16.2.100,[fd72:16:1::50],[fd72:16:2::100]
         -o smtpd_client_restrictions=permit_mynetworks,reject
         -o smtpd_helo_restrictions=
         -o smtpd_sender_restrictions=
         -o smtpd_tls_fingerprint_digest=sha256
         -o 
relay_clientcerts=${default_database_type}:${config_directory}/local/smarthost_clientcerts
         -o smtpd_tls_req_ccert=yes
         -o smtpd_tls_ccert_verifydepth=2
         -o smtpd_relay_restrictions=permit_tls_clientcerts,reject
         -o smtpd_recipient_restrictions=
         -o smtpd_data_restrictions=
         -o smtpd_end_of_data_restrictions=
         -o smtpd_etrn_restrictions=
         -o smtpd_discard_ehlo_keywords=chunking,etrn,silent-discard
         -o cleanup_service_name=cleanup-out

on mail send exec, at the sending instance,

        2022-01-03T10:22:39.111475-05:00 mx2 
postfix/submit-from-dovecot-proxy/smtpd[21516]: connect from 
mx2.example.lan[fd72:16:1::50]
        2022-01-03T10:22:39.315190-05:00 mx2 
postfix/submit-from-dovecot-proxy/smtpd[21516]: Trusted TLS connection 
established from mx2.example.lan[fd72:16:1::50]: TLSv1.3 with cipher 
TLS_CHACHA20_POLY1305_SHA256 (256/256 bits) key-exchange X25519 
server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA 
(P-384) client-digest SHA384
        2022-01-03T10:22:39.324339-05:00 mx2 
postfix/submit-from-dovecot-proxy/smtpd[21516]: 4JSKHg2Hd8zWf7L: 
client=mx2.example.lan[fd72:16:1::50]
        2022-01-03T10:22:39.389270-05:00 mx2 postfix/qmgr[17689]: 4JSKHg2Hd8zWf7L: 
from=<mya...@example.com>, size=910, nrcpt=1 (queue active)
        2022-01-03T10:22:39.399889-05:00 mx2 
postfix/submit-from-dovecot-proxy/smtpd[21516]: disconnect from 
mx2.example.lan[fd72:16:1::50] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5

it appears to be an OK submission.

but, at the receiving submission node

        2022-01-03T10:23:15.639273-05:00 mx1 postfix/smtpd[7724]: name_mask: 
ipv4
        2022-01-03T10:23:15.639722-05:00 mx1 postfix/smtpd[7724]: name_mask: 
ipv6
        2022-01-03T10:23:15.640130-05:00 mx1 postfix/smtpd[7724]: 
inet_addr_local: configured 9 IPv4 addresses
        2022-01-03T10:23:15.640248-05:00 mx1 postfix/smtpd[7724]: 
inet_addr_local: configured 11 IPv6 addresses
        2022-01-03T10:23:15.640571-05:00 mx1 
postfix/submit-from-mx2-backend/smtpd[7724]: process generation: 17 (17)
        2022-01-03T10:23:15.640672-05:00 mx1 postfix/submit-from-mx2-backend/smtpd[7724]: fatal: 
open dictionary: expecting "type:name" form instead of "::1"
        2022-01-03T10:23:16.641888-05:00 mx1 postfix/master[7632]: warning: 
process /usr/libexec/postfix/smtpd pid 7724 exit status 1
        2022-01-03T10:23:16.642172-05:00 mx1 postfix/master[7632]: warning: 
/usr/libexec/postfix/smtpd: bad command startup -- throttling

I see the fail.

iiuc, the fail is *at* the submission node -- but unclear to me whether it's 
caused there, or something in my sending instance.

what/where is that

        expecting "type:name" form instead of "::1"

telling me something is broken?  sending &/or receiving end?

after adding IPv6 config, getting fail on submission -> "fatal: open dictionary: expecting "type:name" form instead of "::1"" ?

Reply via email to