Troubling to use an IPv6-address in source table (table(5))

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Troubling to use an IPv6-address in source table (table(5))

Juuso Lapinlampi
Hi misc@.

I have a source table for IP-addresses I'd like to use bind to for
outgoing mail with OpenSMTPD. For some reason, I can't add
IPv6-addresses to it.

To give you an idea, without configuration outgoing mail goes out from ( []). This is unintended and
should instead use ( [])
or the equivalent IPv6-address. These are on the same physical server
and shared NIC.

I have an smtpd.conf [1] that looks like this (simplified):

    table addresses file:/etc/mail/addresses

    mail_host = ""
    pki $mail_host certificate "/etc/ssl/"
    pki $mail_host key "/etc/ssl/private/"
    listen on lo0
    accept from local for any relay source <addresses> \
        hostname $mail_host pki $mail_host

/etc/mail/addresses [2]:

However, any IPv6-address in /etc/mail/addresses is an error:

    /etc/mail/smtpd.conf:18: invalid configuration file
    /etc/mail/addresses for table addresses

This is OK in /etc/mail/addresses:

OpenSMTPD would also happily accept this:

According to table(5), a source table looks like:

But none of these are accepted in the addresses table with or without an


So what am I doing wrong?

smtpd.conf(5) is very confusing about some of the syntaxes, such as:

    relay [backup [mx]] [as address] [source <source>]
            [hostname name] [hostnames <names>] [pki pkiname]
            [tls [verify]]

In fact, source <source> makes OpenSMTPD think it's an netaddr table and
won't accept it in the previously mentioned relaying context. I call
this almost certainly to be a bug (in documentation). There were other
similar documentation quirks that I found.

I tried doing something with addrname tables, but mail is still sent out
from the default IP-address on the server which is not what I expected.

By the way, there seems to be no sensible way to make this compact on a
shared NIC:

    mail_addr4 = ""
    mail_addr6 = "2a00:1a28:1510:1::154"
    listen on $mail_addr4 tls pki $mail_host hostname $mail_host
    listen on $mail_addr6 tls pki $mail_host hostname $mail_host
    listen on $mail_addr4 port 587 tls-require pki $mail_host \
        auth <secrets> hostname $mail_host
    listen on $mail_addr6 port 587 tls-require pki $mail_host \
        auth <secrets> hostname $mail_host

I thought an addrname table might help with it, but I couldn't find a
way to do it.

This is on OpenBSD 5.9 -stable. Help appreciated.