From owner-freebsd-questions@freebsd.org Fri Oct 1 20:41:55 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0C5AC6B5AAD for ; Fri, 1 Oct 2021 20:41:55 +0000 (UTC) (envelope-from merlyn@geeks.org) Received: from mail.geeks.org (jacobs.geeks.org [204.153.247.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4HLhqQ01gcz3GHr for ; Fri, 1 Oct 2021 20:41:53 +0000 (UTC) (envelope-from merlyn@geeks.org) Received: from mail.geeks.org (localhost [127.0.0.1]) by after-clamsmtpd.geeks.org (Postfix) with ESMTP id 7CF4B13207 for ; Fri, 1 Oct 2021 15:41:47 -0500 (CDT) Received: by mail.geeks.org (Postfix, from userid 1003) id 6F2D7131F0; Fri, 1 Oct 2021 15:41:47 -0500 (CDT) Date: Fri, 1 Oct 2021 15:41:47 -0500 From: Doug McIntyre To: freebsd-questions@freebsd.org Subject: Re: FreeBSD.org MX servers refusing mail from host via ipv6 Message-ID: References: <8BF8713A-6677-4BAD-A61B-9A7B5D9CC297@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <8BF8713A-6677-4BAD-A61B-9A7B5D9CC297@gmail.com> X-Virus-Scanned: ClamAV using ClamSMTP X-Rspamd-Queue-Id: 4HLhqQ01gcz3GHr X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of merlyn@geeks.org designates 204.153.247.1 as permitted sender) smtp.mailfrom=merlyn@geeks.org X-Spamd-Result: default: False [-3.30 / 15.00]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ptr]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCVD_COUNT_THREE(0.00)[3]; DMARC_NA(0.00)[geeks.org]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:7753, ipnet:204.153.244.0/22, country:US]; RCVD_TLS_LAST(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Oct 2021 20:41:55 -0000 On Fri, Oct 01, 2021 at 02:37:08PM +0200, Paul van der Zwan wrote: > It looks like the freebsd.org servers are refusing mails from unresolvable hosts: As much as I think it is worthless security, this has been the standard for quite some time on IPv4, and IPv6 copied it along. I'm not sure you'd find more than a handful of mail servers out there that would let a mailserver without a reverse PTR setup to talk to them either on IPv4 nor IPv6. So, if you don't get to control your IPv6 reverse PTR, you probably shouldn't be sending email from that machine, because none of it is going to get through. GMail certainly will never let you talk on IPv6 without a reverse PTR record. I'm sure FreeBSD MX is just following "best" practices. > For IPv6 this seems like a very strict requirement as it’s almost impossible to get reverse DNS working for autoconfigured IPv6 adresses ? Mail servers typically have static IP addresses? Servers that aren't mail servers but still send email should probably relay through a fixed submission server. > Is there an IPv4 only alias I can route mail to for freebsd.org domain ? You could always configure your email server to only be sending IPv4 email to certain domains. Ie for postfix, something like https://tanguy.ortolo.eu/blog/article109/google-ipv6-smtp-restrictions