Postfix IPv6 Support

David BeveridgeLinux Systems Admin
Getting postfix to support IPv6 is a relatively simple matter (when you know how - or - have read this Article).

First of all you must ensure that your server has IPv6 connectivity to the Internet.

By default postfix will listen only on IPv4, to enable IPv6 add the following to

You only need to add the bind address, if you have multiple IPv6 addresses on your server and you want to limit it to just the one.  This will allow you to get the hostname to match the A & PTR records.
inet_protocols = ipv4,ipv6

Open in new window

If you have client PC's using IPv6 on your local network you might want to allow them to connect to you server using IPv6 and relay outbound mail.  The IPv6 address must be enclosed in square brackets so that it is not confused with a "type:table" pattern.

mynetworks =

Open in new window

Also be sure that if you have a firewall that IPv6 traffic is permitted to pass through it.

ip6tables -A INPUT -p TCP --dport smtp -j ACCEPT
                      ip6tables -A OUTPUT -p TCP --dport smtp -j ACCEPT

Open in new window

If you have any access control maps you can list IPv6 addresses in the same way that you list IPv4 addresses.  Do not enclose the IPv6 address in square brackets, like you did in the mynetworks parameter.

Once you have made the changes to your, restart the service.
On CentOS/RedHat I do that like this.

# service postfix restart

A simple way to test you configuration is to use the telnet command to start a connection to the server on the smtp port

root@box3 # telnet smtp
Trying 2607:f878:1:668::84...
Connected to
Escape character is '^]'.
220 ESMTP Postfix
mail from: <>
250 2.1.0 Ok
rcpt to: <>
250 2.1.5 Ok
354 End data with <CR><LF>.<CR><LF>
Subject: test


250 2.0.0 Ok: queued as 39F3734A8031
221 2.0.0 Bye
Connection closed by foreign host.
root@box3 #

If you also run an IMAP server such as dovecot, you'll probably want to enable IPv6 for that too.  edit /etc/dovecot.conf

listen = *, [::] 

Open in new window

Once your service is accepting connections with IPv6 it is OK to let the rest of the world know by publishing a AAAA Record for your server in the DNS.  Normally the AAAA record would be the same name as the A record for your host.  Also be sure to have your ISP create a PTR record for your IPv6 Address that matches the AAAA record AND the hostname of your server.

David BeveridgeLinux Systems Admin

Comments (0)

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.