Gmail - ipv6. Anyone else with this experience?
-
I've also hit this on three of my servers! I've set-up the PTR record for the IPv6 (hopefully correctly) and waiting for it to propagate...let's hope it works.
-
For one of my domain, even though the DNS has propagated and checks all fine on https://www.whatsmydns.net/#PTR and https://toolbox.googleapps.com/apps/dig/#PTR/ I'm still getting the bounce error....damn google!
On two other domains it now works well
-
@avatar1024 Are the IPv6 reported by google and the one issued by your provider the same?
-
@andreasdueren As far as I can tell yes.
-
Also I spoke a bit too quickly I'm actually getting delivery issues on all domains, just on two of them, the emails do end up delivering after a couple of retry by the mail server (the retries are still because of the PTR record), whereas on the third one it's just a straight bounce.
-
@avatar1024 I'd encourage you to double check. The IP without the 2 at the end is my actual IPv6. But google kept complaining that the one with the two didn't match. So I set a PTR record for it as well and now things seem to be fine.
-
What I did is take the IPv6 google wrote in the bounce error message and added the mail serve name against that.
-
So the IP is much longer than yours:
As you can tell, I probably do not understand IPv6 very well...
From my provider my server IPv6 seem to be:
So a bit like yours and something much shorter that what Google write in the bounce error message. Bur I thought this was normal as elsewhere in the provider settings page for my server it says:
So putting top and bottom address together I get the long IP google is writing in the error message.
-
Just to clarify: take the IPv6 that is written in the google mail and compare it to the PTR record. Are they identical?
-
@andreasdueren said in Gmail - ipv6. Anyone else with this experience?:
Just to clarify: take the IPv6 that is written in the google mail and compare it to the PTR record. Are they identical?
Yes they are!
-
I've now also set a PTR record against the short IPv6, it has propagated but I'm still getting the straight bounce.
-
@avatar1024 said in Gmail - ipv6. Anyone else with this experience?:
on two of them, the emails do end up delivering after a couple of retry by the mail server (the retries are still because of the PTR record)
Actually in some rare case, the server retries indefinitely and emails are never delivered. From the email event log:
Delivery failure. Will retry in Xs. Upstream error: 421 4.7.23 [2a03:xxxx:xx:xxx:xxxx:7fff:fe49:51af] The IP address sending this 4.7.23 message does not have a PTR record, or the corresponding forward DNS 4.7.23 entry does not match the sending IP. To protect our users from spam, 4.7.23 mail has been temporarily rate limited. To learn more about IP 4.7.23 address requirements for sending to Gmail, visit 4.7.23 https://support.google.com/a?p=sender-guidelines-ip 4.7.23 To learn more about Gmail requirements for bulk senders, visit 4.7.23 https://support.google.com/a?p=sender-guidelines. 4fb4d7f45d1cf-5d807030e25si25472762a12.537 - gsmtp",
Using the exact IPv6 in the error message on https://toolbox.googleapps.com/apps/dig/#PTR/ gives the correct PTR.
-
Until this is solved, is it possible to disable IPv6 completely from the mail service? This is affecting basically all of my servers.
-
@joseph Brill, that works, thank you!! All messages are now going through
Is there any big drawbacks in disabling IPv6? Also since it only happens with Gmail, is there a way to tell the system with IPv6 to only use IPv4 for google MX?
-
