Postfix IPv6 Support

Published on
8,097 Points
Last Modified:
Getting postfix to support IPv6 is a relatively simple matter (when you know how - or - have read this Article).

First of all you must ensure that your server has IPv6 connectivity to the Internet.

By default postfix will listen only on IPv4, to enable IPv6 add the following to main.cf

You only need to add the bind address, if you have multiple IPv6 addresses on your server and you want to limit it to just the one.  This will allow you to get the hostname to match the A & PTR records.
inet_protocols = ipv4,ipv6


Open in new window

If you have client PC's using IPv6 on your local network you might want to allow them to connect to you server using IPv6 and relay outbound mail.  The IPv6 address must be enclosed in square brackets so that it is not confused with a "type:table" pattern.

mynetworks =

Open in new window

Also be sure that if you have a firewall that IPv6 traffic is permitted to pass through it.

ip6tables -A INPUT -p TCP --dport smtp -j ACCEPT
ip6tables -A OUTPUT -p TCP --dport smtp -j ACCEPT

Open in new window

If you have any access control maps you can list IPv6 addresses in the same way that you list IPv4 addresses.  Do not enclose the IPv6 address in square brackets, like you did in the mynetworks parameter.

Once you have made the changes to your main.cf, restart the service.
On CentOS/RedHat I do that like this.

# service postfix restart

A simple way to test you configuration is to use the telnet command to start a connection to the server on the smtp port

root@box3 # telnet box6.bevhost.com smtp
Trying 2607:f878:1:668::84...
Connected to box6.bevhost.com.
Escape character is '^]'.
220 box6.bevhost.com ESMTP Postfix
helo box3.bevhost.com
250 box6.bevhost.com
mail from: <example@bevhost.com>
250 2.1.0 Ok
rcpt to: <experts@bevhost.com>
250 2.1.5 Ok
354 End data with <CR><LF>.<CR><LF>
Subject: test


250 2.0.0 Ok: queued as 39F3734A8031
221 2.0.0 Bye
Connection closed by foreign host.
root@box3 #

If you also run an IMAP server such as dovecot, you'll probably want to enable IPv6 for that too.  edit /etc/dovecot.conf

listen = *, [::] 

Open in new window

Once your service is accepting connections with IPv6 it is OK to let the rest of the world know by publishing a AAAA Record for your server in the DNS.  Normally the AAAA record would be the same name as the A record for your host.  Also be sure to have your ISP create a PTR record for your IPv6 Address that matches the AAAA record AND the hostname of your server.


Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Join & Write a Comment

In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month