From owner-freebsd-questions@freebsd.org Fri Oct 1 21:23:29 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 338FA6B6423 for ; Fri, 1 Oct 2021 21:23:29 +0000 (UTC) (envelope-from paulz42@gmail.com) Received: from mail-ed1-x533.google.com (mail-ed1-x533.google.com [IPv6:2a00:1450:4864:20::533]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HLjlN39pSz3KcK for ; Fri, 1 Oct 2021 21:23:28 +0000 (UTC) (envelope-from paulz42@gmail.com) Received: by mail-ed1-x533.google.com with SMTP id s17so38542693edd.8 for ; Fri, 01 Oct 2021 14:23:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=VSPgb7l7qqDQgNZ1telCU04oKNcNi5LigF0xZCsRn0U=; b=dwod/lSuRn3TOw76vXTQByP96VkvDQ9ge3gxY36grls9i2WNNoZTTAjlR8sT3WEeMR ucOM3BrK5OHQpgin02ehUgVCRbUo7xyLKZY/dRUIwIIwPEyfHM4465ifY9BhnhK5DkqX 96D7UZMQptHikVULraww9IZ/p0h1mtZU2sW3ckxv+X3R/3QeB+9g79ovkT4vp8cAvF1n 8ER40qKuw9ykByhsAMlydKTg0HPreux4Ju0qW9kiCqhTi0ZIMIyD+40YFDnW+qCa1Rro jd3JJfGTrc5EiLPd2El83IML0wFmMzWTV6oye0ifLMiP5X/FM5i+gbq+g8Ef+S0VxOnW aDSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=VSPgb7l7qqDQgNZ1telCU04oKNcNi5LigF0xZCsRn0U=; b=xX9hrWTf5cGow8Gb/B3tPN387TN25TYCCkppCa2B3UYVPA6zdnlODL4iHbRR5Tme0Z nbWxJPlX76QWkkH3EBjY03ijHhZ/E1qQyzy9ZMtV2DNt6titxvEe/kLMKKuML6dENDyD P6E5GIcxRnHZAvTnG8mmwbH4HLjG3JFFD6ygVazsN1gFVdQcyvoQC4iqyr9rYa9syIwY J++Nxbp7K6tKKl02mdQVGkqW/HRjuY1MmwWwIQiRePSkr4L27IlQ0BbJJB4Kb2upS2NS bsnDBx0UgUxIqzz6OddJJxzT+3fhZkBGOKaExKrf8gmVct3LgOaajrp+6VWrDo22JD0R g4UA== X-Gm-Message-State: AOAM530QutK4qJLly1CA0P2gvS5ZcdanqOKLl4uS9nAl8OjG3AzNeMZ+ OYWlUZvKZX4+Da1wx7y7EsMLjQrsvWk= X-Google-Smtp-Source: ABdhPJyzlYi7dJAt3/v40wzs0VCKcHY4QvQFZihF4WfVFFgidbaurskT2+UwtvBrM0E/AXFWeidRpw== X-Received: by 2002:a17:906:25d7:: with SMTP id n23mr211546ejb.322.1633123407470; Fri, 01 Oct 2021 14:23:27 -0700 (PDT) Received: from smtpclient.apple ([2a02:a461:283f:1:e02d:9dc6:377:abc9]) by smtp.gmail.com with ESMTPSA id j14sm3802473edl.21.2021.10.01.14.23.27 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 01 Oct 2021 14:23:27 -0700 (PDT) From: Paul van der Zwan Message-Id: <7F187395-7DAC-440E-9F3A-259DAB7A63C9@gmail.com> Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\)) Subject: Re: FreeBSD.org MX servers refusing mail from host via ipv6 Date: Fri, 1 Oct 2021 23:23:25 +0200 In-Reply-To: Cc: freebsd-questions@freebsd.org To: Doug McIntyre References: <8BF8713A-6677-4BAD-A61B-9A7B5D9CC297@gmail.com> X-Mailer: Apple Mail (2.3654.120.0.1.13) X-Rspamd-Queue-Id: 4HLjlN39pSz3KcK X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20210112 header.b="dwod/lSu"; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of paulz42@gmail.com designates 2a00:1450:4864:20::533 as permitted sender) smtp.mailfrom=paulz42@gmail.com X-Spamd-Result: default: False [-2.49 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; URI_COUNT_ODD(1.00)[7]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.99)[-0.985]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::533:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Oct 2021 21:23:29 -0000 > On 1 Oct 2021, at 22:41, Doug McIntyre wrote: >=20 > On Fri, Oct 01, 2021 at 02:37:08PM +0200, Paul van der Zwan wrote: >> It looks like the freebsd.org servers are refusing mails from = unresolvable hosts: >=20 >=20 > As much as I think it is worthless security, this has been the > standard for quite some time on IPv4, and IPv6 copied it along. I'm > not sure you'd find more than a handful of mail servers out there that > would let a mailserver without a reverse PTR setup to talk to them > either on IPv4 nor IPv6. So, if you don't get to control your IPv6 > reverse PTR, you probably shouldn't be sending email from that > machine, because none of it is going to get through. >=20 My own mailserver refuses to relay when no PTR is found but accepts mail = destined for the local domain. Which I considered an acceptable compromise. > GMail certainly will never let you talk on IPv6 without a reverse PTR = record. Gmail has no problem whatsoever accepting mail from my mailserver. > I'm sure FreeBSD MX is just following "best" practices. >=20 This is the first time I ever ran into this so FreeBSD MX seems to be an = exception. >> For IPv6 this seems like a very strict requirement as it=E2=80=99s = almost impossible to get reverse DNS working for autoconfigured IPv6 = adresses ? >=20 > Mail servers typically have static IP addresses? Servers that aren't > mail servers but still send email should probably relay through a > fixed submission server. >=20 >> Is there an IPv4 only alias I can route mail to for freebsd.org = domain ? >=20 > You could always configure your email server to only be sending IPv4 > email to certain domains. Ie for postfix, something like > https://tanguy.ortolo.eu/blog/article109/google-ipv6-smtp-restrictions >=20 Having an ipv4 only MX would be nice but I guess I=E2=80=99ll have to = figure out a local solution. Running sendmail here so the postfix solution will not work but I think = I can add an IPV4 only mailer and use mailertable to route domains like = freebsd.org to that mailer. Thanks Paul > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org" >=20