Cannot add IPv6 CIDR to PeerList

[leenooks]

trafficstars

Hi, my network is mostly IPv6 now, but adding my IPv6 to Peerlist results in:

[root@efa-1-1 postfix]# opendkim -x /etc/opendkim.conf -P /run/opendkim/opendkim.pid -v
opendkim: /etc/opendkim.conf: 10.1.3.0/24 fd00:368::/16: dkimf_db_open(): Unknown database type

The man page indicates that it accepts both CIDRs and IPv6 addresses, but any IPv6 address is not accepted:

PeerList 10.1.3.0/24 fd00:368::/16

Is there another way?

[glts]

Does this help? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999597#10

[leenooks]

No, not at all.

If I change PeerList to use any of the examples, it still fails to start with the same reason:

eg: PeerList [2001:0db8:0000:0000:0000:0000:0000:0000]/32

opendkim: /etc/opendkim.conf: [2001:0db8:0000:0000:0000:0000:0000:0000]/32: dkimf_db_open(): Unknown database type

[thegushi]

I would suggest that the config parser is looking for a line that is of the kind described in opendkim.8 for datasets, and while such a line could start with refile: or db: or file: or the like, that it is seeing the initial colon in the comma-separated list, and taking that as a DB definition.

Unfortunately, the specification for a dbtype and an ipv6 address both rely on colons, and we don't have a sigil defined to just say "no, this is a literal list".

As a workaround, I would point it at a flatfile such as with:

Peerlist file:/etc/mail/peerlist.txt

And then populating that file. Can you tell me if that works? If so, I'll update the docs. I'm also going to have an internal discussion to see if there's something that can be done to fix this on a broader level.

[leenooks]

Howdy, this appears to work. As you suggested:

Peerlist file:/etc/mail/peerlist.txt

And the contents of peerlist.txt

10.1.3.0/24
fd00:368::/40

opendkim -x /etc/opendkim.conf -n doesnt complain and it opendkim starts happily.