Configure hMailServer To Make And Accept IPv6 Connections

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
User avatar
jim.bus
Normal user
Normal user
Posts: 233
Joined: 2011-05-28 11:49
Location: US

Configure hMailServer To Make And Accept IPv6 Connections

Post by jim.bus » 2019-03-31 23:33

I wish to configure hMailServer to make and accept IPv6 Address connections. Right now Email Server hosts are probably all using IPv4 Host Addresses but IPv6 only Email Servers in the future may start sending email messages and I would like my hMailServer to be prepared to make and accept IPv6 connections

I believe the following list of additions and changes are what would be necessary to configure hMailServer with hMailAdmin to make and accept IPv6 Connections.

1. My hMailServer runs at a IPv4 Address (the Host) address.
2. To make and accept IPv6 Address connections I believe the configuration should be as follows:
a. Set up an IP Range for Internet (IPv6) with the IP Range being from 0000:0000:0000:0000:0000:0000:0000:0000 to ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
b. Use same configuration for all other parameters as on the default IPv4 Internet Address IP Range.
1) I am making an assumption to avoid an ambiguity in hMailServer, I should assign a different Priority to the IPv6 Range and arbitrarily suggesting a Higher Priority than the IPv4 Internet Range.
c. A minor problem may exist when using option to Bypass Greylisting when message comes from an 'A' or 'MX' Record.
1) DNS A Records define an IPv4 Address record.
2) DNS AAAA Records define an IPv6 Address record.
3) Is Greylisting bypassed when the message comes from an 'AAAA' Record which is the IPv6 Address Record equivalent to an IPv4 Address 'A' Record.
d. Add additional TCP/IP Ports the same as the default TCP/IP Ports for all IPv4 Addresses changing the IP Addresses from '0.0.0.0' to '::' (without the quotes).
3. I am assuming I will not need to make any DNS changes such as SPF or DKIM TXT Records since hMailServer will still do SMTP (Sending Messages) connections from its IPv4 Address (hostname)

Is the above list correct as to what additions and changes I would need to make to configure hMailServer to make and accept IPv6 Address connections?

Are there any other changes or additions I have not addressed in the above list of changes and additions?

User avatar
mattg
Moderator
Moderator
Posts: 19979
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Configure hMailServer To Make And Accept IPv6 Connections

Post by mattg » 2019-04-01 01:20

jim.bus wrote:
2019-03-31 23:33
2. To make and accept IPv6 Address connections I believe the configuration should be as follows:
a. Set up an IP Range for Internet (IPv6) with the IP Range being from 0000:0000:0000:0000:0000:0000:0000:0000 to ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Actually

Code: Select all

:: to ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
jim.bus wrote:
2019-03-31 23:33
1) I am making an assumption to avoid an ambiguity in hMailServer, I should assign a different Priority to the IPv6 Range and arbitrarily suggesting a Higher Priority than the IPv4 Internet Range.
That really doean't matter.
Windows chooses IPv6 or IPV4 if both are available
jim.bus wrote:
2019-03-31 23:33
c. A minor problem may exist when using option to Bypass Greylisting when message comes from an 'A' or 'MX' Record.
1) DNS A Records define an IPv4 Address record.
2) DNS AAAA Records define an IPv6 Address record.
3) Is Greylisting bypassed when the message comes from an 'AAAA' Record which is the IPv6 Address Record equivalent to an IPv4 Address 'A' Record.
You greylist?
You greylist bypass?

however, yes greylist bypass probably doesn't work for AAAA records (I've not tested as I haven't greylisted for many years, and if you are going to bypass greylisting for an A or MX record, why bother? There won't be much left to greylist.)
jim.bus wrote:
2019-03-31 23:33
d. Add additional TCP/IP Ports the same as the default TCP/IP Ports for all IPv4 Addresses changing the IP Addresses from '0.0.0.0' to '::' (without the quotes).
correct
jim.bus wrote:
2019-03-31 23:33
3. I am assuming I will not need to make any DNS changes such as SPF or DKIM TXT Records since hMailServer will still do SMTP (Sending Messages) connections from its IPv4 Address (hostname)
That's an incorrect assumption
jim.bus wrote:
2019-03-31 23:33
Are there any other changes or additions I have not addressed in the above list of changes and additions?
You need an IPv6 on your WAN connection. Very few ISPs offer that in Australia, but in other countries this is common.

gMail prefers IPV6 if you wish to test.


My LAN has both IPv4 and IPv6 addresses, and hmailserver just works on either. I have actually turned IPv6 off in my LAN until my ISP supports it, just to keep my logs simpler.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
jim.bus
Normal user
Normal user
Posts: 233
Joined: 2011-05-28 11:49
Location: US

Re: Configure hMailServer To Make And Accept IPv6 Connections

Post by jim.bus » 2019-04-01 04:38

mattg wrote:
2019-04-01 01:20
jim.bus wrote:
2019-03-31 23:33
Are there any other changes or additions I have not addressed in the above list of changes and additions?
You need an IPv6 on your WAN connection. Very few ISPs offer that in Australia, but in other countries this is common.

gMail prefers IPV6 if you wish to test.


My LAN has both IPv4 and IPv6 addresses, and hmailserver just works on either. I have actually turned IPv6 off in my LAN until my ISP supports it, just to keep my logs simpler.
I am not understanding why I need to have an IPv6 on my WAN Connection.
1. I only have an IPv4 External (Public) IP Address connecting to my ASUS RT-AC5300 Router which is connected to my ISP's Gateway's (really a Pace Gateway) LAN Port. I have a pool of 5 Static IPv4 Addresses
to which I assign a Static IPv4 Address from the pool of 5 Static IPv4 Addresses. The RT-AC5300 WAN Connection Type I am using is technically Automatic IP but since the AT&T Gateway only assigns an
External (Public) Static IPv4 Address to the RT-AC5300 WAN Port, the WAN IPv4 Address is essentially an External (Public) IP Address Connection. I use an Automatic IP WAN connection type on the RT-AC5300
due to a peculiarity of the RT-AC5300 Firmware which will allow me to get an auto renewing Let's Encrypt Certificate for External Remote Connection to User Interface of the RT-AC5300 (for when I allow an
External Connection to the User Interface) which can only be used when the External IP Address is thought to be Automatic.
2. I only use a Static IPv4 LAN Address for my hMailServer PC.
3. My understanding is that IPv6 Email Servers connecting to my hMailServer will be using a DNS MX Query of my hostname which will only resolve to an IPv4 Address and hence the connection will be made through
my RT-AC5300 Router as a connection to an IPv4 Address though an IPv6 Email Server would have obviously have an IPv6 Address associated with it when connecting to my RT-AC5300 Router.
4. When my hMailServer sends an email to an IPv6 Address Email Server, I am assuming it will do a DNS MX Query of the Hostname which will resolve to an IPv6 Address.
5. So are you saying that in order to send email to an IPv6 Email Server, I will have to have IPv6 Enabled on my RT-AC5300 to send to the IPv6 Email Server.

User avatar
mattg
Moderator
Moderator
Posts: 19979
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Configure hMailServer To Make And Accept IPv6 Connections

Post by mattg » 2019-04-01 06:27

jim.bus wrote:
2019-04-01 04:38
3. My understanding is that IPv6 Email Servers connecting to my hMailServer will be using a DNS MX Query of my hostname which will only resolve to an IPv4 Address and hence the connection will be made through
my RT-AC5300 Router as a connection to an IPv4 Address though an IPv6 Email Server would have obviously have an IPv6 Address associated with it when connecting to my RT-AC5300 Router.
4. When my hMailServer sends an email to an IPv6 Address Email Server, I am assuming it will do a DNS MX Query of the Hostname which will resolve to an IPv6 Address.
5. So are you saying that in order to send email to an IPv6 Email Server, I will have to have IPv6 Enabled on my RT-AC5300 to send to the IPv6 Email Server.
Can't send IPv6 via IPv4 unless you have tunneling in place, but that's a bit like wanting to drive a jet airliner up the freeway - you can do it...very carefully, but why would you?

IPv6 is very different to IPv4. It's not just the length of the address.

IPv4 gets around its size limitation by using LAN networks.
With IPv6, your mailserver will have one (or more) IPv6 addresses that are accessible from the internet as well as from the local network. All devices will need their own firewall, LAN will become a thing of the past, as will NAT routing.

In fact now that we have worked around many of the limitations of IPv4, the need to move to IPv6 has stalled. There is no longer such urgency to move.

And yes, for you to send to an IPv6 enabled server(other than via tunneling), you will need IPv6 to your router and from your router, to your server and your router will cease to use NAT. Routing will ensure that there is a direct connection between devices.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
Dravion
Senior user
Senior user
Posts: 1410
Joined: 2015-09-26 11:50
Location: Germany
Contact:

Re: Configure hMailServer To Make And Accept IPv6 Connections

Post by Dravion » 2019-04-01 09:04

You first need a IPv6 Router Connection to the Internet for your LAN or if you run hMS from a Dedicated Server at some Hosting Company like Hostgator the VLAN needs to be configurrd with IPv6 Dualdtack and IPv6 advertisement and you need a assigned Segment of atleast 64 Bit to your Servers Networkcard. The next thing is a DNS-Servees which is capable to resolve AAAA Records
and is able to map AAAA Records to MX Records.

ps: If you run IPv6 only, all incomning IPv4 SMTP
Connections will fail (which is the majority)and only
sending and resceiving IPv6 SMTP Servers are able to connect via SMTP. To be able to catch SMTP IPv4 and IPv6 Emails you need to configure a Dualstack Setup.

User avatar
jim.bus
Normal user
Normal user
Posts: 233
Joined: 2011-05-28 11:49
Location: US

Re: Configure hMailServer To Make And Accept IPv6 Connections

Post by jim.bus » 2019-04-06 10:27

Thanks to all on their input to me. Your input steered me to where I needed to do more research on what was necessary to do the proper set up.

I believe I had, at least, the starting of a Dual Stack set up on my Router (including a DNS6 Server) though at the time I didn't realize I was setting up a Dual Stack set up. But I am not certain I managed to get a Static IPv6 Address. According to further research I did believe the IPv6 Address I got may have not been Static meaning there was a possibility at some later time I could receive a different IPv6 Address.

So until I have more time for further research, some of which will be with my ISP, I will put on hold the setting up of IPv6 for hMailServer.

User avatar
SorenR
Senior user
Senior user
Posts: 3169
Joined: 2006-08-21 15:38
Location: Denmark

Re: Configure hMailServer To Make And Accept IPv6 Connections

Post by SorenR » 2019-04-06 11:02

In my mind IPv6 was never supposed be used big scale. It was a way to tell IPv4 horders to let go or they will be in for the worst time of their life :mrgreen:

For me... The day I turn to IPv6...
Image
SørenR.

The quantum rule of insecurity which states that the act of observing how vulnerable a host or service is changes the insecurity level of the service.

Post Reply