Troubling to use an IPv6-address in source table (table(5))

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Troubling to use an IPv6-address in source table (table(5))

Juuso Lapinlampi
Hi misc@.

I have a source table for IP-addresses I'd like to use bind to for
outgoing mail with OpenSMTPD. For some reason, I can't add
IPv6-addresses to it.

To give you an idea, without configuration outgoing mail goes out from
partyvan.eu (partyvan.eu [188.126.81.149]). This is unintended and
should instead use mail.partyvan.eu (mail.partyvan.eu [188.126.81.154])
or the equivalent IPv6-address. These are on the same physical server
and shared NIC.

I have an smtpd.conf [1] that looks like this (simplified):

    table addresses file:/etc/mail/addresses

    mail_host = "mail.partyvan.eu"
    pki $mail_host certificate "/etc/ssl/mail.partyvan.eu.chained.pem"
    pki $mail_host key "/etc/ssl/private/mail.partyvan.eu.key"
   
    listen on lo0
   
    accept from local for any relay source <addresses> \
        hostname $mail_host pki $mail_host

/etc/mail/addresses [2]:

    188.126.81.154
    2a00:1a28:1510:1::154

However, any IPv6-address in /etc/mail/addresses is an error:

    /etc/mail/smtpd.conf:18: invalid configuration file
    /etc/mail/addresses for table addresses

This is OK in /etc/mail/addresses:

    188.126.81.154

OpenSMTPD would also happily accept this:

    188.126.81.154
    188.126.81.155

According to table(5), a source table looks like:

    192.168.1.2
    192.168.1.3
    ::1
    ::2
    ipv6:::3
    ipv6:::4

But none of these are accepted in the addresses table with or without an
IPv4-address:

    2a00:1a28:1510:1::154
    [2a00:1a28:1510:1::154]
    ipv6:2a00:1a28:1510:1::154
    ::1

So what am I doing wrong?

smtpd.conf(5) is very confusing about some of the syntaxes, such as:

    relay [backup [mx]] [as address] [source <source>]
            [hostname name] [hostnames <names>] [pki pkiname]
            [tls [verify]]

In fact, source <source> makes OpenSMTPD think it's an netaddr table and
won't accept it in the previously mentioned relaying context. I call
this almost certainly to be a bug (in documentation). There were other
similar documentation quirks that I found.

I tried doing something with addrname tables, but mail is still sent out
from the default IP-address on the server which is not what I expected.

By the way, there seems to be no sensible way to make this compact on a
shared NIC:

    mail_addr4 = "188.126.81.154"
    mail_addr6 = "2a00:1a28:1510:1::154"
    listen on $mail_addr4 tls pki $mail_host hostname $mail_host
    listen on $mail_addr6 tls pki $mail_host hostname $mail_host
    listen on $mail_addr4 port 587 tls-require pki $mail_host \
        auth <secrets> hostname $mail_host
    listen on $mail_addr6 port 587 tls-require pki $mail_host \
        auth <secrets> hostname $mail_host

I thought an addrname table might help with it, but I couldn't find a
way to do it.

This is on OpenBSD 5.9 -stable. Help appreciated.

[1]: https://partyvan.eu/transparency/config/opensmtpd/smtpd.conf
[2]: https://partyvan.eu/transparency/config/opensmtpd/addresses