Hi
so how to block IPV6 as sender in SMTP server? I would only want to send my emails via IPV4 SMTP?
DO i do this via MIAB Admin panel or via my VPS (im on linode)
Once again thanks
Any special reason to do that?
Disabling IP V6 will cause your mail server not being able to communicate with some servers. AFAIK, don’t think you can switch off that.
If it’s because of Gmail - Gmail doesn’t check your IPV6 reverse dns any more, they only check your SPF records.
Mailinabox is best used as-it-is.
Hey Daveteu
Thanks for always chiming in.
Main reason is for SPF records, I may use multiple IP address for one domain so yeah.
Someone was able to set it up for me for my first MIAB server last year with another Domain and it’s been working well with delivery for me till today. and so yeah its possible, just not sure now with the new SMTP if I should do to the configuration on MIAB side or my VPS linode side. DO you know?
Thanks as always
I would ask him but he won’t be free till end of the month.
If you are able to share what you intend to do with regards to your domain, we will be glad to help. Even if you use multiple IP addresses (with that, do you also mean multiple mail servers?), as long as you maintain a MX record for those IPs and you add it to SPF record, it should work.
For disabling for IPv6, I haven’t encountered any real world scenario where we will need to disable it.
As stated in the MiaB Setup Guide:
If you have a choice, choose a location for your machine that is near you — it’ll be faster! And if disabling IPv6 is an option, disable it.
Although the guide does not justify why it should be disabled, my personal experience is that more scammers are trying to hack the server on IPv6 because tools such as Fail2Ban are not as useful due to the higher number of IP addresses to probe with and it is easier to be placed on a blacklist you can never get off of because your IP address may be within some huge (quadrillions) IP address range with some malicious actors.
Disabling at the server firewall with tools such as UFW I found problematic because the rules get rewritten or MiaB just really doesn’t like it. You can attempt to disable with external firewall if that is an option for you, even if the firewall only blocks inbound traffic, otherwise rebuild the server without an IPv6 address is the only option I discovered for myself.
SPF has plenty of mechanisms to allow some fairly complex SPF records [1][2]. Just be aware of issues related to records that are longer than 255 characters, and note that while many pages may claim it is only a string issue, this claim assumes that the servers in question are not running some old versions of software, which, when it comes to mail servers, is not a safe assumption to make.
In the event you are having issues with your SPF record configuration, including longer than 255 characters, try posting here and we should be able to resolve the issue for you.
[1] http://www.open-spf.org/SPF_Record_Syntax/
[2] https://dmarcian.com/spf-syntax-table/
hi Thanks do you mean rebuild the server as in the MIAB server? or my VPS at Linode?
Thanks
I do not know the options available with Linode. Maybe they can remove the IPv6 address assigned to the VPS? Maybe they have a firewall that blocks outbound IPv6 from the server? Maybe you could save the image and use it to build a new VPS that doesn’t have IPv6?
OK after some research i found this
Google and other email- services sometimes block messages sent from an IPv6 address. Sending mail over IPv4 instead is sometimes an easy solution. If you are using Postfix, you can force your outbound emails to be sent over IPv4 by doing the following:
- Open /etc/postfix/main.cf with a text editor
- Find the line inet_protocols = all
- Replace all with ipv4
- Restart postfix
You should also make sure you have RDNS set up for any IP that you want to send email from. Please see this article for help with RDNS.
So do we have something similar in MIAB?
Once again thanks everyone
May I ask, why are you going through all these modifications. Is it because your email is block by Gmail?
To disable your DNS in Ubuntu
sudo bash -c 'cat <<EOF >> /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
EOF'
If you want to continue using IpV6, You can set reverse DNS for your linode by going to Linode -> Your node -> Network -> IPV6 -> Set RDnS.
You can set your RDns after you set a AAAA record.
ok just got confirmation that i should use this
- Open /etc/postfix/main.cf with a text editor
- Find the line inet_protocols = all
- Replace all with ipv4
- Restart postfix
The issue is i can’t seem to find nano /etc/postfix/main.cf when im in terminal?
it shows an empty file.
Sorry very new to SSH
ALSO the reason im using these mods because some experienced mailers i talk to told me this will help inboxing.
EDIT: OK i had to use sudo for it to work
- Open sudo nano /etc/postfix/main.cf
- Find the line inet_protocols = all
- Replace all with ipv4
- Restart postfix
SOLVED Thanks
I recommend you to disable ipv6 network interface instead because main.cf gets overwritten on every update.
1 Like
With Vultr they do not have an option to disable IPv6 without migrating to a new server. So I decided to just leave the IPv6 in place until it becomes an actual problem for me. When I was researching this, I did discover your suggested solution, but I vaguely recall that it created some sort of problem (in fact, every solution I tried created one problem or another) with MiaB that seemed to be related to the initial install and I was unable to rectify the problem, eventually reverting back to the original configuration.
Have you tested out changing a configuration and then having it work as expected?
I tested it on DO and Linode before I posted here. However, I have IPv6 enabled on my servers.