# Steve Bertrand # ^knight # steve@ibctech.ca # 080522 # Incorporating and enabling IPv6 on a Mail Toaster # This document assumes that you already have IPv6 connectivity enabled # and the capability to create DNS AAAA and MX records for your IPv6 # addresses. # The system is based entirely on Matt Simersons Mail Toaster, # http://www.tnpi.net/internet/mail/toaster - edit make.conf: WITH_IPV6=YES # mkdir -p /usr/local/src # cd /usr/local/src - Download the Mail Toaster package and unpackage it: # fetch http://mail-toaster.org/Mail-Toaster.tar.gz # tar -xzf Mail-Toaster.tar.gz # cd Mail-Toaster-N-NN - Fetch my Toaster patches and install them: # fetch http://ww6.ibctech.ca/patches/toaster-watcher.conf-dist.ucspi-ipv6.patch # patch < toaster-watcher.conf-dist.ucspi-ipv6.patch # cd lib/Mail # fetch http://ww6.ibctech.ca/patches/Toaster.pm.ipv6.patch # patch < Toaster.pm.ipv6.patch - back to the main source directory # cd ../.. - on with building and installing the Toaster components # perl Makefile.PL # make deps ** # make test # make install # cd /usr/local/src - begin installing outside components: # toaster_setup.pl -s ports # toaster_setup.pl -s config # toaster_setup.pl -s ssl - edit to taste: /usr/local/etc/toaster.conf /usr/local/etc/toaster-watcher.conf - ...continue installing: # toaster_setup.pl -s pre # toaster_setup.pl -s mysql # toaster_setup.pl -s apache # toaster_setup.pl -s webmail # toaster_setup.pl -s phpmyadmin (optional) - fetch the UCSPI sources, then download the patch I made by combining fefe's IPv6 - hacks and Matt Simersons MySQL patch, then install UCSPI by hand: # fetch http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz # fetch http://ww6.ibctech.ca/patches/ucspi_toaster_ipv6.patch # tar -xzvf ucspi-tcp-0.88.tar.gz # cd ucspi-tcp-0.88 # patch < ../ucspi_toaster_ipv6.patch # make install - continue on with installing the external packages: # toaster_setup.pl -s ezmlm # toaster_setup.pl -s vpopmail # toaster_setup.pl -s maildrop # toaster_setup.pl -s qmailadmin # toaster_setup.pl -s qmail - ensure that the IPv6 option is selected with Dovecot # toaster_setup.pl -s dovecot # toaster_setup.pl -s squirrelmail # toaster_setup.pl -s roundcube - I had some difficulty installing the filtering portions, so I proceeded - as documented here, and then after I ensured everything working with all - filtering disabled in toaster-watcher.conf, I re-ran the filtering software - installs (clamav, spamassassin) # toaster_setup.pl -s filter # toaster_setup.pl -s maillogs # toaster_setup.pl -s supervise # toaster_setup.pl -s rrdutil (optional) - run the following manually, and when any errors are sorted out, put - the entries in root's crontab # /usr/local/sbin/toaster-watcher.pl # /usr/local/www/cgi-bin/rrdutil.cgi -a update # crontab -u root -e */5 * * * * /usr/local/sbin/toaster-watcher.pl */5 * * * * /usr/local/www/cgi-bin/rrdutil.cgi -a update - At this point in time, I had working IPv6 SMTP communication inbound to the server, - but not outbound from the server. I had to fetch a clean copy of qmail source, patch and - make it, then copy the qmail-remote binary over the existing one # fetch http://cr.yp.to/software/qmail-1.03.tar.gz # fetch http://ww6.ibctech.ca/patches/qmail.ipv6.patch # tar -xzvf qmail-1.03.tar.gz # cd qmail-1.03 # patch < ../qmail.ipv6.patch # make # cp /var/qmail/bin/qmail-remote /var/qmail/bin/qmail-remote.pre-v6 # cp qmail-remote /var/qmail/bin - Restart services: # services stop # services start - Troubleshooting: - Logfiles: - /var/log/maillog - /var/log/messages - /var/log/mail/* =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Summary: There is more left to do. SPF functionality is not yet v6 enabled. I need to patch qmail-smtpd, but still need to do more work on implementing IPv6 patches into it in conjunction with toaster-specific patches. To enable IPv6, edit /usr/local/etc/toaster-watcher.conf file, and change the: pop3d_listen_on_ip_protocol, smtpd_listen_on_ip_protocol and submit_listen_on_ip_protocol ...from 4 to 6, then run # toaster-watcher.pl Please note that this document was written rather hastily, so if you find any errors or omissions, please feel free to contact me. My email address is at the top of this document. I will be testing this setup again over the next few days, and will revise as required. Once you are done, you should see something like the following: test# netstat -na | more Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp46 0 0 *.80 *.* LISTEN tcp4 0 0 127.0.0.1.53 *.* LISTEN tcp6 0 0 2607:f118::b7.53 *.* LISTEN tcp4 0 0 *.22 *.* LISTEN tcp6 0 0 *.22 *.* LISTEN tcp46 0 0 *.443 *.* LISTEN tcp4 0 0 *.3306 *.* LISTEN tcp46 0 0 *.110 *.* LISTEN tcp46 0 0 *.995 *.* LISTEN tcp46 0 0 *.993 *.* LISTEN tcp46 0 0 *.143 *.* LISTEN tcp4 0 0 127.0.0.1.783 *.* LISTEN tcp46 0 0 *.587 *.* LISTEN tcp46 0 0 *.25 *.* LISTEN tcp4 0 0 127.0.0.1.953 *.* LISTEN tcp6 0 0 2607:f118::b6.53 *.* LISTEN udp6 0 0 *.55172 *.* udp4 0 0 *.55171 *.* udp4 0 0 127.0.0.1.53 *.* udp6 0 0 2607:f118::b7.53 *.* udp6 0 0 *.62194 *.* udp4 0 0 *.62193 *.* udp6 0 0 2607:f118::b6.53 *.*