Z-Push IMAP IPv6 not working
-
Hello guys,
I am using Z-Push 2.6.4 with IMAP backend (Dovecot) and my iPhone at iOS15. I need this only for having push notifications for new mails incoming. So really only one client. It runs flawlessly since around two years.
Recently I decided to make Z-Push also available via IPv6. So I set everything up (firewall rules, port mapping for NGINX reverse proxy and Apache for Z-Push). First, it seemed to work as intended but after a while, E-Mail notifications took way too long to arrive or never arrived. After some investigation I found out, that if Z-Push is reachable via IPv4+IPv6 OR IPv6 only, the iPhone just “sees” the first E-Mail which arrives and than immediately closes the connection. This happens only if Z-Push is via IPv6 reachable. When blocking IPv6 via a firewall rule it works immediately without any problem.
Is this a known issue with IPv6 and iOS ??
Thanks, best regards.
Doogie
-
@doogiehowser Hiho, which error message do you see in the logfile?
-
There is not a single error message. That is why I think it is iOS related.
With z-push-top I see the “Ping” and the new mail, normally after that the iOS Mail app would start new connections to get/show the new mails but with IPv6, after the “Ping” the connection is client side closed (seems to be).
After approx. 30 min. the iPhone opens up a new connection and notifies for the new mail. But sometimes even this doesn’t work. Manually opening the mail app works everytime.
I cross tested IPv6 connectivity with the iOS MS Outlook app and there were no issues. But for god sake Microsoft keeps my password stored in his cloud and lets his server connect to my Z-Push instance which is imho security-wise really dumb.
-
@doogiehowser: Did you just block the https / https ports via the firewall for ipv6 or also the mailserver ports?
-
Only 443/80 for the NGINX reverse proxy. Why should I block the mail server??
-
@doogiehowser no reason, i just wanted to make sure i setup the same thing ;-) because i have an iphone with ios 15 / ipv6 and it is working for recieving mails via non ssl dovecot. Maybe my errors with ssl are also related with v6. Just give me some time so i can do some tests.
-
@maedball: So i blocked IPv6 on my side aswell (i have it now since 5 minutes running) It seems to fix my ssl issue.
So maybe you can try to do the test from the other side and enable IPv6 disable your ssl connection to the mailserver (just to see if this fixes your issue as a workaround)
-
But in your post “SSL Connection gets disconneded” you described connection issues to your IMAP backend server which I do NOT have. Your Outlook client on Windows has then as a result connection issues. I would say you have a different problem.
For clarification if you will do more tests with iOS Mail app and IPv6 connectivity via Z-Push here are the steps to reproduce:
- Have Z-Push reachable via IPv4+IPv6 or IPv6 only.
- Launch or restart the Z-Push frontend/backend webservers. (I am using docker container, so it is easy for me ;-) )
- Wait for iOS Mail app connects (observe with z-push-top).
- Send a testmail, iOS Mail app will successfully notify about new mail.
- Wait at least 30 seconds depending on your value at: z-push.conf.php: define(‘PING_INTERVAL’, 30);
- Make sure, you see only 1 connection for this iOS Mail app idling/waiting for Ping
- Send another mail.
- You should see the Ping in z-push-top with incoming mail but after that the iOS Mail app connection disappears instantly from z-push-top. That is NOT a normal behaviour.
Maybe you see this faulty behaviour only after the first 3 mails arrived. It is not everytime the case that it occurs faulty after the first mail has arrived.
-
Ok this is weird now. I thought I give it another try with Z-Push debugging on. Didn’t try Z-Push debugging since I saw no error message in the backends (Dovecot/Z-Push).
I cannot reproduce the issue anymore. Even after disabling debugging again it is still working with IPv6 AND IPv4 on.
So strange, I didn’t change anything since my last try several days ago. Even my external public IPs are the same. It must be an error in the iOS Mail app.
I will monitor it for a couple of days.
