On Wed, Dec 12, 2012 at 6:07 AM, Charlie Macdonald <chasmacd_at_yahoo.com> wrote:
> Hi All:
>
> I've been tearing my hair out trying to get OpenDKIM to work with an IPV6
> /64 network, I've tried Peers, TrustedHosts
> (real IPs and domains have been commented out)
Making it so that we can only guess at what your problem is.
> PeerList
> csl:xxxx:xxxx:xxxx:xxxx:0:0:0:0/64,xxxx:xxxx:xxxx:xxxx:0:0:0:2/128
If the second IP is in the first /64, then it's not needed. If they
are NOT in the same /64, then it's customary to identify that in the
obfuscation by changing it to, for example,
xxxx:yyyy:yyyy:yyyy::2/128.
> TrustedHosts
> 127.0.0.1
> ::1
> x.x.x.x/32
> 192.168.x.0/24
> xxxx:xxxx:xxxx:xxxx:0:0:0:2
> xxxx:xxxx:xxxx:xxxx:0:0:0:0/64
Again, are the last two in the same subnet?
> But I keep getting this in the maillog
> msgid=<20121212135133.c84786eaa70ccb568be46ca3_at_xxxx.com>, proto=ESMTP,
> daemon=MTA-v6, relay=[IPv6:xxxx:xxxx:xxxx:xxxx::21]
> Dec 12 13:51:37 xxxx opendkim[707]: qBCDpaKW000711:
> [IPv6:xxxx:xxxx:xxxx:xxxx::21] [xxxx:xxxx:xxxx:xxxx::21] not internal
Is the IP in the /64 subnet above? It definitely does not match the
xxxx::2 that you are specifying manually (sounds typical of a
Hurricane Electric or Sixxs tunnel endpoint).
...Todd
--
The total budget at all receivers for solving senders' problems is $0.
If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine
Received on Wed Dec 12 2012 - 15:40:14 PST