@lbutlr
2021-Apr-09 16:55 UTC
How to prevent, or change priority, of dovecot's FAILed relay-submission to relay's IPv6 address, and submit ONLY/first to IPv4?
On 09 Apr 2021, at 08:29, PGNet Dev <pgnet.dev at gmail.com> wrote:> >>> And it's a bad assumption that since the host is dual-stack that all services on it will be. >> If a hostname resolves to both an A and AAAA record, it should provides services on both. > > Says who/what? > > There is no should/must/shall in any internet standard that suggest/implies/requires that.It's blatantly obnvisou because otherwise you have to try to figure out if www.example.com:587 is on the A or the AAAA record, which is pretty much he opposite of how multiple records work. If you had a DNS that returned multiple IPs got ;old balancing, would it be rational to have only SOME of those IPs respond on port 587 and others respond only on port 465 or 8955? Of course not. If you have to mandate ipv4, use the ipv4 address. -- I desire the things that will destroy me in the end.
PGNet Dev
2021-Apr-09 17:15 UTC
How to prevent, or change priority, of dovecot's FAILed relay-submission to relay's IPv6 address, and submit ONLY/first to IPv4?
On 4/9/21 12:55 PM, @lbutlr wrote:> On 09 Apr 2021, at 08:29, PGNet Dev <pgnet.dev at gmail.com> wrote: >> >>>> And it's a bad assumption that since the host is dual-stack that all services on it will be. >>> If a hostname resolves to both an A and AAAA record, it should provides services on both. >> >> Says who/what? >> >> There is no should/must/shall in any internet standard that suggest/implies/requires that. > > It's blatantly obnvisou because otherwise you have to try to figure out if www.example.com:587 is on the A or the AAAA record, which is pretty much he opposite of how multiple records work.er, huh? the 'net doesn't run on what you think is 'blatantly obvious'. at least _my_ 'net doesn't. just because there's an available record does not mean that one intends to, let alone HAS to, use it. If you want to manage your infrastructure to suit your needs, then do so. That's the point. It's your choice. Feel free to be as loose or locked down as you choose. Postfix, as well as other services, seems to manage this all quite nicely. Define/restrict listeners as needed. Postfix, e.g., diligently adheres to internet standards, typically making them defaults, and often-not-always providing a knob to override. Where a standard does not mandate a preference, the preference is available & configurable by default. The app does not presume to assume what your infrastructure should be. Or other silly assumptions for that matter. OTOH, Re: this^ IPv6 business, dovecot, - *hardcodes* the order of inet addr family preference -- IPv6 first -- in its source - ignores system-defined precedence of IPv6/IPv4 in /etc/gai.conf - provides no option to set/override There's no sound reason -- technical or otherwise -- of not providing perfectly legitimate infrastructure-config choices to the admin, and an option to override default behaviors. Especially when the override is of defaults that are questionable, internally-made assumptions in the 1st place.