Steffen's Knowledge Base

Created at: 2020-04-22 22:45:00
Last modified at: 2024-04-03 22:04:32
Author: Steffen Rick

A mail relay on IPv6 only

What I was trying to achieve

The goal was to run a mail relay entirely on IPv6: no mail submission daemon listening on an IPv4 loopback interface anymore, and no external SMTP daemon listening on anything other than an IPv6 address. The question is: how practical is such a setup? Will I be losing traffic because not all sites on the internet support IPv6?

What works and what doesn't

It's easy to say what works: it can be done. A server can use a single IPv6 address for SMTP, SMTPS and submission. The problem arises when trying to send to email addresses at providers other than Google. You are with Yahoo! or Hotmail? Then you're out of luck: they don't have MX records that resolve to an IPv6 address. It is very similar the other way around: mail from Yahoo! or Hotmail to your IPv6 address is simply dropped. What's worse, though, is something else. I could easily say, let's not use Hotmail and Yahoo! for the moment; most of my emails are coming from Google anyway, and the techie world of Debian and FreeBSD mailing lists clearly supports it. No, what is worse is the fact that antispam tools like SpamAssassin no longer function. Some of the RBL (realtime blacklist) checks rely on queries to custom-made DNS servers that might not run on IPv6. I get false positives this way.
So to sum it up:
Yahoo!, Hotmail, GMX, etc. don't work
RBL checks mostly on IPv4
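
A way to check in advance which destination domains an IPv6-only relay can reach, as an added example that is not part of the original page. It reads host(1) output in the format shown in the setup section. The function names, the HOST_CMD variable and the .example domains with their constructed answers are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: can an IPv6-only relay reach a destination domain?
# Reads host(1) output in the format shown on this page.
HOST_CMD=${HOST_CMD:-host}    # set HOST_CMD=sample_host to run offline

# Constructed answers for made-up .example domains (not real DNS data).
sample_host() {
    case "$*" in
    "-t MX v6.example")    echo "v6.example mail is handled by 10 mx.v6.example." ;;
    "-t MX v4.example")    echo "v4.example mail is handled by 5 mx.v4.example." ;;
    "-t MX mixed.example") echo "mixed.example mail is handled by 20 mx2.mixed.example."
                           echo "mixed.example mail is handled by 10 mx1.mixed.example." ;;
    "-t MX nomx.example")  echo "nomx.example has no MX record" ;;
    "-t AAAA mx.v6.example."|"-t AAAA mx2.mixed.example."|"-t AAAA nomx.example")
                           echo "$3 has IPv6 address 2001:db8::25" ;;
    "-t AAAA "*)           echo "$3 has no AAAA record" ;;
    *)                     echo "Host $3 not found: 3(NXDOMAIN)"; return 1 ;;
    esac
}

# mx_hosts DOMAIN: print the MX targets, lowest preference value first.
mx_hosts() {
    $HOST_CMD -t MX "$1" 2>/dev/null |
        awk '/ mail is handled by /{print $(NF-1), $NF}' | sort -n | awk '{print $2}'
}

# has_aaaa HOST: succeed if HOST has at least one IPv6 address.
has_aaaa() {
    $HOST_CMD -t AAAA "$1" 2>/dev/null | grep -q ' has IPv6 address '
}

# v6_reach DOMAIN: print all, some or none, by how many MX hosts have AAAA.
v6_reach() {
    hosts=$(mx_hosts "$1")
    [ -n "$hosts" ] || hosts=$1    # no MX record: SMTP falls back to the domain itself
    total=0 ok=0
    for h in $hosts; do
        total=$((total + 1))
        if has_aaaa "$h"; then ok=$((ok + 1)); fi
    done
    if [ "$ok" -eq "$total" ]; then echo all
    elif [ "$ok" -gt 0 ]; then echo some
    else echo none; fi
}

# Classify every domain given on the command line (does nothing without arguments).
for d in "$@"; do printf '%s: %s\n' "$d" "$(v6_reach "$d")"; done
```

A result of "all" or "some" means at least one MX host is reachable from an IPv6-only sender; "none" means outgoing mail to that domain has nowhere to go.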

For what it's worth, my setup

A simple MTA setup with Sendmail and procmail, plus OpenDKIM for signing emails.
The IP address
inet6 2a01:4f8:221:181::5 prefixlen 64

host -t MX srick.org
srick.org mail is handled by 10 jail5.ipv6.srick.org.

host jail5.ipv6.srick.org
jail5.ipv6.srick.org has IPv6 address 2a01:4f8:221:181::5

The Sendmail config (mc file)
divert(0)
VERSIONID(`$FreeBSD: release/12.1.0/etc/sendmail/freebsd.mc 285230 2015-07-07 03:00:57Z gshapiro $')
OSTYPE(freebsd6)
DOMAIN(generic)

FEATURE(access_db, `hash -o -T /etc/mail/access')
FEATURE(blacklist_recipients)
FEATURE(local_lmtp)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

dnl STARTTLS for receiving email.
define(`CERT_DIR', `/usr/local/etc/letsencrypt/live/mta.hzn.srick.org')dnl
define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/privkey.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/cert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/privkey.pem')dnl
define(`confCACERT', `CERT_DIR/chain.pem')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confDH_PARAMETERS', `CERT_DIR/dh.param')dnl

dnl local destinations for incoming mails
define(`confCW_FILE', `-o /etc/mail/local-host-names')

dnl opendkim signing of email
INPUT_MAIL_FILTER(`opendkim',`S=local:/var/run/dkim/opendkim.socket')dnl

dnl Listen only on IPv6
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTAv6, M=s, Family=inet6')
DAEMON_OPTIONS(`Name=SMTPv6, Family=inet6, Modifiers=O')
DAEMON_OPTIONS(`Port=587, Name=MSAv6, M=E, Family=inet6')

dnl our ssl certs and keys are group readable
define(`confDONT_BLAME_SENDMAIL', `GroupReadableKeyFile')

dnl set SASL options
dnl LOGIN sends the password base64-encoded only, so it relies on TLS for protection
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN')dnl

dnl make all outgoing mail appear as coming from srick.org
MASQUERADE_AS(srick.org)dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
MASQUERADE_DOMAIN(srick.org)dnl

dnl enable procmail as the local delivery agent
FEATURE(`local_procmail',`/usr/local/bin/procmail')dnl

MAILER(procmail)
MAILER(local)
MAILER(smtp)

The procmail config for user srick
LOGFILE=$HOME/procmail.log
VERBOSE=yes
LOGABSTRACT=all
DROPPRIVS=yes
PATH=/bin:/usr/bin:/usr/local/bin
SHELL=/bin/sh

# Spamassassin
:0fw
|/usr/local/bin/spamassassin

# deliver mail that contains the sa spam message to a spam folder
:0 B :
* possible.*spam
/home/steffen.rick/mail/spam

# Everything else, mailinglists to folders
:0 :
* owner-freebsd-stable@freebsd.org
/home/steffen.rick/mail/freebsd-stable

:0 :
* ^To.*svn-src-releng.*
/home/steffen.rick/mail/freebsd-src-releng

:0 :
* ^Sender: owner-freebsd-doc@freebsd.org
/home/steffen.rick/mail/freebsd-doc

:0 :
* owner-freebsd-net@freebsd.org
/home/steffen.rick/mail/freebsd-net

:0 :
* owner-freebsd-announce@freebsd.org
/home/steffen.rick/mail/freebsd-announce

:0 :
* owner-freebsd-jail@freebsd.org
/home/steffen.rick/mail/freebsd-jail

# The + is escaped: unescaped it is a regex quantifier and never matches the literal +
:0 :
* varnish-test-bounces\+steffen.rick=srick.org@varnish-cache.org
/home/steffen.rick/mail/varnish-test

:0 :
* varnish-misc@varnish-cache.org
/home/steffen.rick/mail/varnish-misc

:0 :
* debian-infrastructure-announce
/home/steffen.rick/mail/debian-infrastructure-announce

:0 :
* debian-release
/home/steffen.rick/mail/debian-release

:0 :
* debian-lts-announce
/home/steffen.rick/mail/debian-lts-announce

# What remains goes to my inbox
:0 :
/var/mail/srick