Back to Community Threads
1
Linux Webserver Not Listening on IPv6
Problem reported by Bill Hughes - 5/15/2024 at 12:39 PM
Submitted
I installed smartermail_8895 and cannot access the admin (HTTP) over IPv6. SSH is enabled for IPv6, but the server is not listening on 80/443:

tcp   LISTEN 0      4096         127.0.0.53%lo:53         0.0.0.0:*    users:(("systemd-resolve",pid=603,fd=14))
tcp   LISTEN 0      4096             127.0.0.1:52022      0.0.0.0:*    users:(("jumpcloud-agent",pid=649,fd=24))
tcp   LISTEN 0      512                0.0.0.0:443        0.0.0.0:*    users:(("MailService",pid=653,fd=391))
tcp   LISTEN 0      128                0.0.0.0:22         0.0.0.0:*    users:(("sshd",pid=900,fd=3))
tcp   LISTEN 0      512                0.0.0.0:80         0.0.0.0:*    users:(("MailService",pid=653,fd=388))
tcp   LISTEN 0      128                   [::]:22            [::]:*    users:(("sshd",pid=900,fd=4))
How do I enable IPv6 for the web interface? Thanks!

9 Replies

Reply to Thread
0
Zach Sylvester Replied
5/15/2024 at 1:14 PM
Employee Post
Hello, 

Thank you for reporting this issue. Can you confirm if you're using SmarterMails built-in webserver or a reverse proxy web server like nginx?

Thanks, 
Zach Sylvester Software Developer SmarterTools Inc. www.smartertools.com
1
Patrick Jeski Replied
5/15/2024 at 1:23 PM
for nginx, nginx listens on 80 & 443, not mailservice, so it looks like SmarterMail web server. 

Just to add, the *only* thing listening ipv6 on my nginx VM is MailService on 17017, if that helps either of you. 
0
Zach Sylvester Replied
5/15/2024 at 1:49 PM
Employee Post
Hello, 

Thanks for the follow-up. I did some digging and this doesn't appear to be a SmarterMail issue. This appears to be a configuration issue. 
Please try running. 

sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
After this do 
sudo service smartermail restart

After you do this you should be able to run. 

sudo netstat -putan | grep 443
You should see two entries one for TCP and one for TCP6. 

I hope this helps. 

Thanks, 
Zach Sylvester Software Developer SmarterTools Inc. www.smartertools.com
0
Bill Hughes Replied
5/15/2024 at 2:39 PM
Hi thank you for your responses.

It uses the built-in mail server. 

ufw is not active. I had checked that already.

$ sudo ufw status
Status: inactive
$
netstat is not installed on Ubuntu 22.04 LTS by default but ss is. The command I ran above:

sudo ss -tulpn | grep LISTEN
Re-running it still shows:

tcp   LISTEN 0      4096         127.0.0.53%lo:53         0.0.0.0:*    users:(("systemd-resolve",pid=603,fd=14))
tcp   LISTEN 0      4096             127.0.0.1:52022      0.0.0.0:*    users:(("jumpcloud-agent",pid=649,fd=24))
tcp   LISTEN 0      512                0.0.0.0:443        0.0.0.0:*    users:(("MailService",pid=653,fd=391))
tcp   LISTEN 0      128                0.0.0.0:22         0.0.0.0:*    users:(("sshd",pid=900,fd=3))
tcp   LISTEN 0      512                0.0.0.0:80         0.0.0.0:*    users:(("MailService",pid=653,fd=388))
tcp   LISTEN 0      128                   [::]:22            [::]:*    users:(("sshd",pid=900,fd=4))
SmarterMail is not listening on 443 for IPv6. I would expect to see a line with something like:

tcp   LISTEN 0      512    [::]:443        [::]:*    users:(("MailService",pid=653,fd=999))
Is there a configuration file that tells "MailService" which interfaces (i.e. IP addresses) to listen on?
1
Patrick Jeski Replied
5/15/2024 at 3:34 PM
Edit to delete useless rambling.

For Kyle:
D’oh! What was I thinking. 
0
Kyle Kerst Replied
5/15/2024 at 3:59 PM
Employee Post
The HTTP/HTTPS ports won't be configured in the Settings>Bindings area unfortunately Patrick. I see kestrel has bound to 0.0.0.0:80, but I wonder if we might need an additional binding for all IPv6 interfaces. I'm going to check in with development on this for you and I'll follow up when I know more. 
Kyle Kerst IT Coordinator SmarterTools Inc. www.smartertools.com
1
Kyle Kerst Replied
5/15/2024 at 4:11 PM
Employee Post
I heard back from development on this and it sounds like we do not yet bind to IPv6 addresses at this time. That being said, Zach had noted in conversations here he was able to make this work on an IPv4-->IPv6 conversion/loopback, so you may be able to make it work in the meantime by implementing some routing to account for that. I do believe we have plans to implement support for this in the long run, just not something that will work as expected just yet. 
Kyle Kerst IT Coordinator SmarterTools Inc. www.smartertools.com
1
Bill Hughes Replied
5/15/2024 at 6:14 PM
Thank you for checking. 

We spun it up in our dev environment which does not have IPv4 for ingress traffic (NAT sucks :-) ). 

I guess we will have to either use Nginx or another solution. 

Yes, please add a feature request for IPv6 bindings for the web interface. 
1
Kyle Kerst Replied
5/16/2024 at 10:36 AM
Employee Post
You're very welcome Bill. We've escalated a request for IPv6 support to be added so we've got that on our radar now. Let us know if you have any other questions! :-)
Kyle Kerst IT Coordinator SmarterTools Inc. www.smartertools.com
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Spam and Security Checks for IPv6 SystemsSmarterMail > Antispam and Antivirus
Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Force Traffic Over HTTPS when using a Reverse ProxySmarterMail > Server Configuration and Management
Migrating SmarterMail to LinuxSmarterMail > Server Configuration and Management