Disable IPv6
Danger
In installations using a Docker version between 25.0.0 and 25.0.2 (to check, use docker version
) the behavior of IPv6 address allocation has changed due to a bug. Simply using enable_ipv6: false
is NO LONGER sufficient to completely disable IPv6 in the stack.
This was a bug in the Docker Daemon, which has been fixed with version 25.0.3.
This is ONLY recommended if you do not have an IPv6 enabled network on your host!
If you really need to, you can disable the usage of IPv6 in the compose file. Additionally, you can also disable the startup of container "ipv6nat-mailcow", as it's not needed if you won't use IPv6.
Instead of editing docker-compose.yml directly, it is preferable to create an override file for it and implement your changes to the service there. Unfortunately, this right now only seems to work for services, not for network settings.
To disable IPv6 on the mailcow network, open docker-compose.yml with your favourite text editor and search for the network section (it's near the bottom of the file).
1. Modify docker-compose.yml
Change enable_ipv6: true
to enable_ipv6: false
and comment out the IPv6 subnet:
networks:
mailcow-network:
[...]
enable_ipv6: true # <<< set to false
ipam:
driver: default
config:
- subnet: ${IPV4_NETWORK:-172.22.1}.0/24
- subnet: ${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64} # <<< comment out with #
[...]
2. Disable ipv6nat-mailcow
To disable the ipv6nat-mailcow container as well, go to your mailcow directory and create a new file called "docker-compose.override.yml":
NOTE: If you already have an override file, of course don't recreate it, but merge the lines below into your existing one accordingly!
# cd /opt/mailcow-dockerized
# touch docker-compose.override.yml
Open the file in your favourite text editor and fill in the following:
services:
ipv6nat-mailcow:
image: bash:latest
restart: "no"
entrypoint: ["echo", "ipv6nat disabled in compose.override.yml"]
For these changes to be effective, you need to fully stop and then restart the stack, so containers and networks are recreated:
docker compose down
docker compose up -d
docker-compose down
docker-compose up -d
3. Disable IPv6 in unbound-mailcow
Edit data/conf/unbound/unbound.conf
and set do-ip6
to "no":
server:
[...]
do-ip6: no
[...]
Restart Unbound:
docker compose restart unbound-mailcow
docker-compose restart unbound-mailcow
4. Disable IPv6 in postfix-mailcow
Create data/conf/postfix/extra.cf
and set smtp_address_preference
to ipv4
:
smtp_address_preference = ipv4
inet_protocols = ipv4
Restart Postfix:
docker compose restart postfix-mailcow
docker-compose restart postfix-mailcow
5. If your docker daemon completly disabled IPv6:
Fix the following NGINX, Dovecot and php-fpm config files
sed -i '/::/d' data/conf/nginx/templates/listen*
sed -i '/::/d' data/conf/nginx/dynmaps.conf
sed -i 's/,\[::\]//g' data/conf/dovecot/dovecot.conf
sed -i 's/\[::\]://g' data/conf/phpfpm/php-fpm.d/pools.conf