For using ipv6 dnsbl, we need postfix version => 2.6 as the author of postfix state in postfix-users list.
How ipv6 dnsbl keep AAAA record in their zone?
this is how it done. for example we got ipv6: 2001:1af8:4400:a00d:1::1 (my webserver)
RBL query lookup would be like this:
So, we need configure our private BIND9 RBL like this: first create dnsbl.example.tld zone in /etc/named.conf
second, we have to create dnsbl.example.tld zone file.
why do i using CNAME instead of direct AAAA record? it’s just for efficiency, to avoid repetitions when adding ipv6 address on the blacklist. beside, postfix resolver can follow CNAME until found AAAA and TXT record.
IN postfix configuration, main.cf add this line:
now test all the things we’ve configured. (with my own ipv6 in the temporary list)