On Wed, May 03, 2023 at 04:57:57AM +0200, Kolusion K via Postfix-users wrote:
> Its not naive, its a fact- Postfix is broken. The inet_interfaces
> parameter is described in the documentation as making Postfix use only
> the interfaces listed for the parameter. In reality, Postfix ignores
> the parameter by using network interfaces that are not listed.
[ The hubris is grating. If you plan to stick around on the list, it
would be best to start cutting back... ]
https://www.postfix.org/postconf.5.html#inet_interfaces
When inet_interfaces specifies just one IPv4 and/or IPv6 address
that is not a loopback address, the Postfix SMTP client will use
this address as the IP source address for outbound mail. Support
for IPv6 is available in Postfix version 2.2 and later.
Note the "and/or", in particular there can be one of each, and each
affects only connections made via the associated protocol. Connections
made via the either protocol are of course not affected by the choice of
primary address for the other. This could be made a bit more explicit,
but Postfix is behaving as intended.
Not everything you find unintuitive is necessarily a software or even a
documentation bug. Though requests (rather than demands) for
documentation clarification may, when justified, elicit changes in
the text, not just clarifying on-list commentary.
> There is nothing mentioned in the Postfix documentation under the
> inet_interfaces parameter section that says the inet_interfaces
> parameter is for IPv4 only and that it will not have an effect on IPv6
> interfaces. That claim is your fairy tale.
It isn't for IPv4 only, it is for either or both protocols. The
overloading of inet_interfaces as a default source of "smtp_bind_adress"
and/or "smtpd_bind_address6" is a convenience that applies in limited
circumstances (exactly one "public" IP address for the associated address
family). To be sure to set a bind address use the associated dedicated
parameters.
> Postfix needs to be patched so that the value of the inet_interfaces
> parameter is obeyed regardless of whether or not IPv6 (or other IP
> versions?) is enabled.
It is obeyed as intended, on a per-address-family basis. If you want
just one address family, then you need to explicitly disable the other.
Listing only IPv4 or only IPv6 addresses in inet_interfaces leaves the
other protocol family unconstrained. This is a feature, not a bug.
> Disabling IPv6 probably isn't an acceptable workaround anyway.
But that's exactly what you naƮvely expected inet_interfaces to do,
so clearly it must be acceptable in your use case.
> What happens if both an IPv4 and IPv6 IP address is listed? Postfix
> may still use other network interfaces not listed (IP addresses).
If IPv6 is disabled, then IPv6 elements of inet_interfaces don't apply.
I don't recall whether they are then ignored, or a configuration error
is reported.
> Changing the parameter name wouldn't be a bad idea either seeing
> parameter values are actually IP addresses and not interface names, as
> the parameter name suggests.
That'd be a invalidation of long-standing practice for little gain.
In many cases there's just one address per interface and address
selection on a multi-homed host amounts to interface selection.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
