sendmail vs ipv6 broken after upgrade to 9.1

Ulrich Spörlein uqs at FreeBSD.org
Tue Jan 8 18:46:11 UTC 2013 

On Tue, 2013-01-08 at 10:09:20 -0800, Gregory Shapiro wrote:
> > How can I unstupid sendmail here?
> 
> I don't think sendmail is being stupid here as it is doing what it has been doing under 8.x and 9.1 (the code is the same).  I think something changed with the upgrade to 9.1.  As far as tracking it down, the sendmail code does:
> 
> getipnodebyname("acme.spoerlein.net", AF_INET6, AI_DEFAULT|AI_ALL, &err);
> 
> This will only return an IPv4 mapped address if:
> 
> 1. There are no IPv6 addresses configured on the interfaces.  How are your IPv6 addresses assigned?  If auto-configured (DHCPv6, RTADV), is it possible sendmail is being started before autoconfiguration has completed?  Restarting the MTA after boot and seeing if it still gets the mapped address will say whether or not this is the cause.
> 
> 2. The query for an AAAA record for acme.spoerlein.net failed.  This doesn't appear to be the case for dns based on your dig output (assuming you ran that dig command on the same machine that is exhibiting the problem).  However, your nsswitch.conf lists hosts before dns and there have been broken name resolution implementations that, with 'hosts' listed first in nsswitch.conf have given back bad info if the first hostname match didn't have the IPv6 address.  You could try switching the order in /etc/hosts to see if this helps.  (Note, the broken implementation was not FreeBSD.)
> 
> You can also test theory #2 by writing a small C program to do the getipnodebyname() call shown above and see what you get.  If it gives the same bad address, then you need to look outside of sendmail.  In the mean time, although not optimal, you can work around the issue by using the IPv6 address instead of the hostname in the Addr= equate.

Turns out it was the missing setting of ip6addrctl_policy="ipv6_prefer"
in rc.conf that also bit me in strange and mysterious ways on another
machine where I did the upgrade. It's very unfortunate that this will
runtime-break sendmail and I honestly don't know why we make ipv4 the
default in this day and age.

Can some IPv6 guru chime in here? This is all thoroughly confusing.

Thanks!
Uli

More information about the freebsd-stable mailing list