Postfix IPv6 / IPv6+TLS patch
Maintained by Dean C. Strik <dean@ipnet6.org>

These patches add IPv6 support to Postfix. A combo TLS+IPv6 patch is
available as a replacement for Lutz Jaenicke's TLS patch.

More information about these IPv6 patches can be found on Dean Strik's
postfix website at
	http://www.ipnet6.org/postfix/

CONTENTS
---------
 - Supported platforms
 - Downloads
 - Installation
 - Configuration
 - Mailing list
 - Known issues
 - Reporting bugs

SUPPORTED PLATFORMS
--------------------

Currently, the following platforms are supported:
	- FreeBSD 4.x/5.x
	- OpenBSD 2.x/3.x
	- NetBSD 1.5+
	- Solaris 8/9
	- Linux 2.x
	- Darwin 7.3+
	- Tru64Unix V5.1+
Postfix may work on other versions of these operating systems or
other operating systems entirely. If you find a problem on one
of the above platforms, please contact me at <dean@ipnet6.org>.

DOWNLOADS
----------

The official download site is

	http://www.ipnet6.org/postfix/

Patches are offered as HTTP and FTP downloads here. To directly
access the files on the FTP server, use the following address:

	ftp://ftp.stack.nl/pub/postfix/tls+ipv6/

The patches are in gzipped context diff format.

INSTALLATION
-------------

The patch is distributed as a gzipped context diff. This used to
be unified diff (more readable), but it was changed because to
avoid unidiff limitations.

We assume postfix is already extracted, to the directory
	postfix-2.1.3

1. Decompress the patch:
	e.g.	$ gunzip tls+ipv6-1.25-pf-2.1.3.patch.gz
2. Change directory to the postfix source directory
	e.g.	$ cd postfix-2.1.3
3. Apply the patch
	e.g.	$ patch -s -p 1 < ../tls+ipv6-1.25-pf-2.1.3.patch
4. Build postfix. The IPv6 patch does not require additional environment
   variables or arguments to 'make'.

CONFIGURATION
--------------

In theory, no post-installation configuration of postfix is
required, although you may want to extend the value of the
'mynetworks' parameter to include the IPv6 networks the system is
in.

Also you can restrict Postfix to use IPv6-only or IPv4-only by
changing the 'inet_interfaces' parameter.

The main.cf parameters regarding IPv6 are documented in the file
'sample-ipv6.cf' in the samples/ directory.

MAILING LISTS
--------------

I've created two mailing lists about using IPv6 with Postfix.
There's a general list (postfix-ipv6) that can be used for discussion.
Also, there's an announcement-only list (postfix-ipv6-announce)
for people who only want to get the announcements.
All announcements are cross-posted to postfix-ipv6 though.

List name:	postfix-ipv6
List type:	Discussion / general (incl. announcements)
List info:	http://lists.stack.nl/mailman/listinfo/postfix-ipv6
List archive:	http://lists.stack.nl/pipermail/postfix-ipv6
List admin:	Dean Strik <dean@ipnet6.org>

List name:	postfix-ipv6-announce
List type:	Announcements only, moderated
List info:	http://lists.stack.nl/mailman/listinfo/postfix-ipv6-announce
List archive:	http://lists.stack.nl/pipermail/postfix-ipv6-announce
List admin:	Dean Strik <dean@ipnet6.org>

KNOWN ISSUES
-------------

The patch comes with an IPv6-ChangeLog file. Please always validate
whether you have the latest version. You can always download the
latest ChangeLog at

	ftp://ftp.stack.nl/pub/postfix/tls+ipv6/ChangeLog

The following 'issues' and todo items are known (none critical):

 - It is not currently supported to use Postfix network daemons
   (such as smtp and smtpd) chrooted on Linux systems without
   mounting the proc filesystem under /var/spool/postfix/proc
   This is because the proc filesystem is required on Linux to
   obtain the system's IPv6 address information.

 - The 'smtp_host_lookup' parameter is not effective with IPv6.
   This is because a different lookup mechanism is used that
   cannot easily disable the 'local' (i.e., non-DNS) lookups.
   Whether local files or the DNS are used first, is determined
   by your operating system, e.g. in /etc/nsswitch.conf or
   /etc/host.conf.

 - The order of IPv6/IPv4 outgoing connection attempts is not
   yet configurable. This will be configurable in a later,
   soon to be released version. Currently, IPv6 is tried before
   IPv4.

 - No IPv6 open relay checks. Since there is no IPv6 RBL service
   around at the moment (I'm considering setting one up but it's
   not a very hot issue), no lookups for IPv6 clients are ever done.
   Let's not have a lot of worthless DNS traffic. Of course, when
   this gets implemented, IPv6 client lookups will only be made
   to DNSBLs that support these.

 - Tru64Unix: Using 'mynetworks_style = subnet' (which I do not
   recommend in any case...) causes Postfix to assume a /64 for
   all IPv6-connected IPv6 subnets. I have yet to find a good way
   for obtaining the prefixlength. Suggestions are welcome!

REPORTING BUGS
---------------

Of course there may be bugs in the patch. Please report bugs in the
patch to <dean@ipnet6.org>. Please be thorough in the report.
Patches, when possible, are greatly appreciated too!

Please differentiate when possible between
 - Problems in vanilla Postfix:	<mailto:postfix-users@postfix.org>
 - Problems in Lutz' TLS patch:	<mailto:postfix_tls@aet.tu-cottbus.de>
 - Problems in the IPv6 code:	<mailto:postfix-ipv6@stack.nl>

-- 
Dean Strik <dean@ipnet6.org>
