dragoangel
commented
2 months ago You need run curl -6 https://ifconfig.me/ from host and from docker compose exec postfix-mailcow curl -6 https://ifconfig.me/
Open 7zx opened 2 months ago
dragoangel
commented
2 months ago You need run curl -6 https://ifconfig.me/ from host and from docker compose exec postfix-mailcow curl -6 https://ifconfig.me/
dragoangel
commented
2 months ago Did you tried running ./update.sh and did you removed old IPv6 nat stuff and properly set /etc/docker/daemon.json to work with ipv6?
7zx
commented
2 months ago Did you tried running
./update.shand did you removed old IPv6 nat stuff and properly set/etc/docker/daemon.jsonto work with ipv6?
Regarding the output from the commands:
root@mail:/opt/mailcow-dockerized# curl -6 https://ifconfig.me/
2a03:0:142:0:bad:c0de:39ac:29ad
root@mail:/opt/mailcow-dockerized#
root@mail:/opt/mailcow-dockerized# docker compose exec postfix-mailcow curl -6 https://ifconfig.me/
2a03:0:142:0:bad:c0de:39ac:29ad
root@mail:/opt/mailcow-dockerized#IPv6 NAT was recommended during after i first ran the ./update.sh command, and I attempted to configure IPv6 without it, encountering the same issue. Additionally, I did not modify /etc/docker/daemon.json, assuming that Mailcow would handle this automatically, similar to how it managed IPv4.
The daemon.json file contains the following:
{"ipv6":true,"fixed-cidr-v6":"fd00:dead:beef:c0::/80","experimental":true,"ip6tables":true}I have also executed the ./update.sh command multiple times without resolving the IPv6 connectivity problem.
dragoangel
commented
2 months ago Did you tried running
./update.shand did you removed old IPv6 nat stuff and properly set/etc/docker/daemon.jsonto work with ipv6?Regarding the output from the commands:
root@mail:/opt/mailcow-dockerized# curl -6 https://ifconfig.me/ 2a03:0:142:0:bad:c0de:39ac:29ad root@mail:/opt/mailcow-dockerized# root@mail:/opt/mailcow-dockerized# docker compose exec postfix-mailcow curl -6 https://ifconfig.me/ 2a03:0:142:0:bad:c0de:39ac:29ad root@mail:/opt/mailcow-dockerized#IPv6 NAT was recommended during after i first ran the
./update.shcommand, and I attempted to configure IPv6 without it, encountering the same issue. Additionally, I did not modify/etc/docker/daemon.json, assuming that Mailcow would handle this automatically, similar to how it managed IPv4.The
daemon.jsonfile contains the following:{"ipv6":true,"fixed-cidr-v6":"fd00:dead:beef:c0::/80","experimental":true,"ip6tables":true}I have also executed the
./update.shcommand multiple times without resolving the IPv6 connectivity problem.
Em... you have working IPv6, at least from container... Did you tried send mail to gmail and check over which IP you would receive it? Also what you see in ACME? Do ACME container detect IPv6 properly?
I see that you accepting connection over IPv6 without issues...
7zx
commented
2 months ago Did you tried send mail to gmail and check over which IP you would receive it?
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@polido.pt header.s=dkim header.b=gZjpwXpe;
spf=pass (google.com: domain of goncalo@polido.pt designates 185.113.142.56 as permitted sender) smtp.mailfrom=goncalo@polido.pt;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=polido.pt
Return-Path: <goncalo@polido.pt>
Received: from mail.polido.pt (mail.polido.pt. [185.113.142.56])
by mx.google.com with ESMTPS id f8-20020a05600c4e8800b0041907540685si10467857wmq.129.2024.04.27.08.53.13
for <goncalopolido@gmail.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sat, 27 Apr 2024 08:53:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of goncalo@polido.pt designates 185.113.142.56 as permitted sender) client-ip=185.113.142.56;
Authentication-Results: mx.google.com;
dkim=pass header.i=@polido.pt header.s=dkim header.b=gZjpwXpe;
spf=pass (google.com: domain of goncalo@polido.pt designates 185.113.142.56 as permitted sender) smtp.mailfrom=goncalo@polido.pt;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=polido.ptDo ACME container detect IPv6 properly?
root@mail:~# ip -6 addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000 inet6 2a03:0:142:0:bad:c0de:39ac:29ad/64 scope global valid_lft forever preferred_lft forever inet6 fe80::216:3cff:fe57:b4dc/64 scope link valid_lft forever preferred_lft forever 3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 state DOWN inet6 fd00:dead:beef:c0::1/80 scope global tentative valid_lft forever preferred_lft forever inet6 fe80::1/64 scope link tentative valid_lft forever preferred_lft forever 4: br-mailcow: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fd4d:6169:6c63:6f77::1/64 scope global valid_lft forever preferred_lft forever inet6 fe80::42:10ff:fef2:e203/64 scope link valid_lft forever preferred_lft forever inet6 fe80::1/64 scope link valid_lft forever preferred_lft forever 6: veth5c807e5@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::a8ee:faff:feb1:dcf7/64 scope link valid_lft forever preferred_lft forever 8: veth672d9f7@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::602f:3cff:fe7f:188c/64 scope link valid_lft forever preferred_lft forever 10: veth63c75a9@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::ac72:4cff:fef6:3230/64 scope link valid_lft forever preferred_lft forever 12: vethb927b2f@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::54bd:9dff:feb2:f8b6/64 scope link valid_lft forever preferred_lft forever 14: veth11ed4a5@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::4ceb:71ff:febf:4a7f/64 scope link valid_lft forever preferred_lft forever 16: vetha8817de@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::7c75:33ff:fe08:fcc0/64 scope link valid_lft forever preferred_lft forever 18: veth6c860fb@if17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::44d0:60ff:fe21:e781/64 scope link valid_lft forever preferred_lft forever 20: veth31ab411@if19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::14bf:8fff:fed0:64d3/64 scope link valid_lft forever preferred_lft forever 22: veth6f5ccff@if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::f08c:7bff:fed4:7b7c/64 scope link valid_lft forever preferred_lft forever 24: vethc2a7e7d@if23: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::54c6:ffff:feda:ee29/64 scope link valid_lft forever preferred_lft forever 26: veth4b2bdf2@if25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::5e:57ff:fee9:635f/64 scope link valid_lft forever preferred_lft forever 28: veth3c98b74@if27: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::b418:fdff:fefa:b737/64 scope link valid_lft forever preferred_lft forever 30: veth0d4b122@if29: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::f053:a9ff:fe0d:a64a/64 scope link valid_lft forever preferred_lft forever 32: vethfb9312f@if31: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::cf2:a4ff:fe23:c780/64 scope link valid_lft forever preferred_lft forever 34: vethb393ca0@if33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::70b4:6fff:febf:342a/64 scope link valid_lft forever preferred_lft forever 36: veth38f5a18@if35: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::cccb:86ff:fe0b:4a15/64 scope link valid_lft forever preferred_lft forever 38: veth1d99276@if37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP inet6 fe80::3a:52ff:fe61:2db8/64 scope link valid_lft forever preferred_lft forever root@mail:~# docker exec -it mailcowdockerized-acme-mailcow-1 /bin/bash 1230f1835b64:/# ip -6 addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 23: eth0@if24: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 state UP inet6 fd4d:6169:6c63:6f77::b/64 scope global flags 02 valid_lft forever preferred_lft forever inet6 fe80::42:acff:fe16:109/64 scope link valid_lft forever preferred_lft forever 1230f1835b64:/# ping6 ipv6.google.com PING ipv6.google.com (2a00:1450:4003:808::200e): 56 data bytes 64 bytes from 2a00:1450:4003:808::200e: seq=0 ttl=120 time=10.671 ms 64 bytes from 2a00:1450:4003:808::200e: seq=1 ttl=120 time=10.631 ms 64 bytes from 2a00:1450:4003:808::200e: seq=2 ttl=120 time=10.773 ms 64 bytes from 2a00:1450:4003:808::200e: seq=3 ttl=120 time=10.645 ms ^C --- ipv6.google.com ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max = 10.631/10.680/10.773 ms 1230f1835b64:/#
dragoangel
commented
2 months ago I mean acme logs, and about postfix: you sure you not set stuff like prefer ipv4 etc? I don't see any reason why you have it not working as it already works even in inside container
7zx
commented
2 months ago I don't see any reason why you have it not working as it already works even in inside container
Because this is a bug and it should be reported? I've also included the ACME logs above... While the service is functional, the intention is for it to display my IPv4 and IPv6 on the Mailcow UI and operate with both IPv4 and IPv6 since both are enabled on my server and set on my DNS records and currently, this isn't fully reflected, which is why I'm trying to find out why this is happening.
Here are my ACME logs again:
dragoangel
commented
2 months ago Did you tried to reproduce same cli commands I referred couple of comments ago?
local IPV6=
local IPV6_SRCS=
local TRY=
IPV6_SRCS[0]="ip6.mailcow.email"
IPV6_SRCS[1]="ip6.nevondo.com"
until [[ ! -z ${IPV6} ]] || [[ ${TRY} -ge 10 ]]; do
IPV6=$(curl --connect-timeout 3 -m 10 -L6s ${IPV6_SRCS[$RANDOM % ${#IPV6_SRCS[@]} ]} | grep "^\([0-9a-fA-F]\{0,4\}:\)\{1,7\}[0-9a-fA-F]\{0,4\}$")
[[ ! -z ${TRY} ]] && sleep 1
TRY=$((TRY+1))
done
echo ${IPV6}Btw 2gb and 1 core? Sorry but you need expect ooms very strongly
7zx
commented
2 months ago Btw 2gb and 1 core? Sorry but you need expect ooms very strongly
How is this related to my IPv6 issue 😂? Also regarding the server specs, I receive and send over 100 emails daily without encountering any issues. The server operates smoothly despite running on 2GB RAM and 1 core.
dragoangel
commented
2 months ago Btw 2gb and 1 core? Sorry but you need expect ooms very strongly
How is this related to my IPv6 issue 😂? Also regarding the server specs, I receive and send over 100 emails daily without encountering any issues. The server operates smoothly despite running on 2GB RAM and 1 core.
It's not related. But any separate software from bunch mailcow contains by itself easily can consume all your ram, especially dovecot, rspamd, not speaking about clamav.
About your issue with ipv6 you still not tried what I asked or not provided details?
7zx
commented
2 months ago I didn’t understand what you want me to do, can you reformulate?
dragoangel
commented
2 months ago Just run commands one by one from function that get ipv6 in acme.sh, aka debug. On host and in container
7zx
commented
2 months ago Just run commands one by one from function that get ipv6 in acme.sh, aka debug. On host and in container
OK: 185.113.142.56, 0000:0000:0000:0000:0000:0000:0000:0000 Found AAAA record for autodiscover.polido.pt: 2a03:0:142:0:bad:c0de:39ac:29ad - skipping A record check Cannot match your IP 0000:0000:0000:0000:0000:0000:0000:0000 against hostname autodiscover.polido.pt (DNS returned 2a03:0000:0142:0000:0bad:c0de:39ac:29ad) Found AAAA record for autoconfig.polido.pt: 2a03:0:142:0:bad:c0de:39ac:29ad - skipping A record check Cannot match your IP 0000:0000:0000:0000:0000:0000:0000:0000 against hostname autoconfig.polido.pt (DNS returned 2a03:0000:0142:0000:0bad:c0de:39ac:29ad) Found AAAA record for mail.polido.pt: 2a03:0:142:0:bad:c0de:39ac:29ad - skipping A record check Cannot match your IP 0000:0000:0000:0000:0000:0000:0000:0000 against hostname mail.polido.pt (DNS returned 2a03:0000:0142:0000:0bad:c0de:39ac:29ad) Cannot validate any hostnames, skipping Let's Encrypt for 1 hour. Use SKIP_LETS_ENCRYPT=y in mailcow.conf to skip it permanently.
dragoangel
commented
2 months ago What you have when doing just basic curl ip6.mailcow.email and curl ip6.nevondo.com?
7zx
commented
2 months ago What you have when doing just basic
curl ip6.mailcow.emailandcurl ip6.nevondo.com?
timeout outside and inside the acme container
dragoangel
commented
2 months ago What you have when doing just basic
curl ip6.mailcow.emailandcurl ip6.nevondo.com?timeout outside and inside the acme container
Then this totally explains why mailcow can't detect IP. Did you contacted your ISP about that you can't reach this resources?
milkmaker
commented
2 months ago THIS IS A AUTOMATED MESSAGE!
It seems your issue is not a bug. Therefore we highly advise you to get support!
You can get support either by:
This issue will be closed. If you think your reported issue is not a support case feel free to comment above and if so the issue will reopened.
dragoangel
commented
2 months ago ups :D
anyway, it's really not a place to discuss network connectivity issues. You need get this ips working.
@DerLinkman is there is a chance that somebody could be banned on firewall etc in front of this resources? I think - no
milkmaker
commented
2 days ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
Contribution guidelines
I've found a bug and checked that ...
Description
Logs:
Steps to reproduce:
Which branch are you using?
master
Which architecture are you using?
x86
Operating System:
Debian GNU/Linux 11 (bullseye)
Server/VM specifications:
2 GB RAM DDR4, 1 vCPU @3,60Ghz
Is Apparmor, SELinux or similar active?
AppArmor is active
Virtualization technology:
KVM
Docker version:
26.1.0
docker-compose version or docker compose version:
v2.26.1
mailcow version:
2024-04
Reverse proxy:
Nginx
Logs of git diff:
Logs of iptables -L -vn:
Logs of ip6tables -L -vn:
Logs of iptables -L -vn -t nat:
Logs of ip6tables -L -vn -t nat:
DNS check:
Additional Information:
mailcow/acme container logs:
curl –connect-timeout 3 -m 10 -L6s ip6.mailcow.email command output on the server:
curl –connect-timeout 3 -m 10 -L6s ip6.mailcow.email command output inside the mailcow/acme container:
Native IPv6 NAT status:
Cloudflare DNS records:
Hosting Provider:
Innov4Web
Reverse DNS status:
Hostname and IPv4/IPv6 addresses associated with my Mailcow server:
Mailcow UI:
Notes:
All of this is being done on a fresh installation of Debian 11.
My hosting provider, Innov4Web, utilizes SolusVM for server control panel management and IPv6 is enabled on the server: