From 347646386988a5739319d6ea1f64fa32c2bd6549 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Thu, 22 Aug 2019 16:58:49 +0100
Subject: [PATCH] Add a variable to disable IPv6 on outbound Postfix

---
 roles/mail/README.md                     | 10 ++++++++++
 roles/mail/templates/postfix-out/main.cf |  2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/roles/mail/README.md b/roles/mail/README.md
index 3678d02e..f2f88a7b 100644
--- a/roles/mail/README.md
+++ b/roles/mail/README.md
@@ -159,3 +159,13 @@ $ postmulti -i postfix-out -x mailq
 
 for a specific instance. Check the *postmulti(1)* man page for further
 details.
+
+## Disabling outbound IPv6 on a host
+
+Sometimes there are problems with reverse IPv6 DNS resolution of one
+of our public MX addresses. In this case outbound email might be
+refused by most email servers that do a reverse DNS check of the EHLO
+name. The solution is to set the special host variable
+*postfix_out_inet_protocols* on the specific server (in the
+inventory file) to the value "ipv4".
+
diff --git a/roles/mail/templates/postfix-out/main.cf b/roles/mail/templates/postfix-out/main.cf
index 13c95c3d..94818820 100644
--- a/roles/mail/templates/postfix-out/main.cf
+++ b/roles/mail/templates/postfix-out/main.cf
@@ -16,7 +16,7 @@ smtpd_client_event_limit_exceptions = $mynetworks
 # "secondary IP personality" configuration.
 smtp_bind_address = 0.0.0.0
 smtp_bind_address6 = ::
-inet_protocols = all
+inet_protocols = {{ postfix_out_inet_protocols | default('all') }}
 
 # All header rewriting happens upstream.
 local_header_rewrite_clients =
-- 
GitLab