diff --git a/roles/mail_forwarder/templates/ferm_mail.conf.j2 b/roles/mail_forwarder/templates/ferm_mail.conf.j2
index c779a9264d395297898804a359134e9e903c890d..853de80c3c53e92f4b8551b7bf22d1232114e2fa 100644
--- a/roles/mail_forwarder/templates/ferm_mail.conf.j2
+++ b/roles/mail_forwarder/templates/ferm_mail.conf.j2
@@ -1,24 +1,30 @@
 {% if smtp_relay_host and smtp_from_relay_allowed %}
+{% if smtp_relay_host_ipv4 %}
 domain ip {
     # Accept incoming connections on port 25 from SMTP relay host.
     table filter {
         chain INPUT {
             # SMTP for server communication.
             proto tcp dport 25 {
-                saddr {{ smtp_relay_host }} ACCEPT;
+{% for address in smtp_relay_host_ipv4 %}
+                saddr {{ address }} ACCEPT;
+{% endfor %}
             }
         }
     }
 }
+{% endif %}
 
-{% if lookup('dig', smtp_relay_host + '/AAAA') not in ['NXDOMAIN', ''] %}
+{% if smtp_relay_host_ipv6 %}
 domain ip6 {
     # Accept incoming connections on port 25 from SMTP relay host.
     table filter {
         chain INPUT {
             # SMTP for server communication.
             proto tcp dport 25 {
-                saddr {{ smtp_relay_host }} ACCEPT;
+{% for address in smtp_relay_host_ipv6 %}
+                saddr {{ address }} ACCEPT;
+{% endfor %}
             }
         }
     }