dual stack rbl

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

dual stack rbl

Benny Pedersen-2
how will postfix handle connections if recipient domains see ip in rbl
blacklist, will it be trying agin until all ips on recipient domain is
tryed ?

does it make sense ?

will first reject just win on dual stack ipv4 / ipv6 hostname ?

i ask this since i like to know what to do with that problem, if at all
anything
Reply | Threaded
Open this post in threaded view
|

Re: dual stack rbl

Jaroslaw Rafa
Dnia 31.10.2019 o godz. 21:27:46 Benny Pedersen pisze:

> how will postfix handle connections if recipient domains see ip in
> rbl blacklist, will it be trying agin until all ips on recipient
> domain is tryed ?
>
> does it make sense ?
>
> will first reject just win on dual stack ipv4 / ipv6 hostname ?
>
> i ask this since i like to know what to do with that problem, if at
> all anything

From what I have seen in the logs, if both IPv6 (AAAA) and IPv4 (A)
addresses are available, Postfix tries to connect on IPv6 first. If it can't
connect (for example because your sending server doesn't have IPv6 routing
:)), it falls back to IPv4.

However, if it connects successfully and gets a reject, it doesn't try again
to the IPv4 address.

I'm by no means an expert, it's just what I have seen in my server's logs.
--
Regards,
   Jaroslaw Rafa
   [hidden email]
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
Reply | Threaded
Open this post in threaded view
|

Re: dual stack rbl

Wietse Venema
In reply to this post by Benny Pedersen-2
Benny Pedersen:
> how will postfix handle connections if recipient domains see ip in rbl
> blacklist, will it be trying agin until all ips on recipient domain is
> tryed ?

Postfix implements the SMTP protocol.

If the remote SMTP server replies with 5XX, the sending Postfix
system returns the recipient as undeliverable.

If the remote SMTP server replies with 4XX, the sending Postfix
system leaves the recipient in the mail queue and retries later.

From the remote SMTP serrver's point of view, each SMTP connection
has two IP addresses: the client IP address and the server IP
address. Both addresses are in IPv4 form, or both addresses are in
IPv6 form.

In some cases, the Postfix SMTP server will convert (the text form
of) an IPv4-in-IPv6 address to IPv4, so that you won't have have
both forms in your Postfix access maps.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: dual stack rbl

Wietse Venema
In reply to this post by Jaroslaw Rafa
Jaroslaw Rafa:

> Dnia 31.10.2019 o godz. 21:27:46 Benny Pedersen pisze:
> > how will postfix handle connections if recipient domains see ip in
> > rbl blacklist, will it be trying agin until all ips on recipient
> > domain is tryed ?
> >
> > does it make sense ?
> >
> > will first reject just win on dual stack ipv4 / ipv6 hostname ?
> >
> > i ask this since i like to know what to do with that problem, if at
> > all anything
>
> >From what I have seen in the logs, if both IPv6 (AAAA) and IPv4 (A)
> addresses are available, Postfix tries to connect on IPv6 first. If it can't
> connect (for example because your sending server doesn't have IPv6 routing
> :)), it falls back to IPv4.

By default:

    smtp_address_preference = any

i.e. the Postfix SMTP client randomly selects between IPv4 and IPv6.

With Postfix 3.3 and later, Postfix is smarter about sites that
list more IPv6 addresses than IPv4 addresses (or vice versa). In
that case, Postfix will try to use equal numbers of IPv4 and IPv6
addresses (or vice versa), so that mail won't get stuck if, for
example, IPv6 is down.

        Wietse