Gmail - ipv6. Anyone else with this experience?
-
So the IP is much longer than yours:
As you can tell, I probably do not understand IPv6 very well...
From my provider my server IPv6 seem to be:
So a bit like yours and something much shorter that what Google write in the bounce error message. Bur I thought this was normal as elsewhere in the provider settings page for my server it says:
So putting top and bottom address together I get the long IP google is writing in the error message.
-
Just to clarify: take the IPv6 that is written in the google mail and compare it to the PTR record. Are they identical?
-
@andreasdueren said in Gmail - ipv6. Anyone else with this experience?:
Just to clarify: take the IPv6 that is written in the google mail and compare it to the PTR record. Are they identical?
Yes they are!
-
I've now also set a PTR record against the short IPv6, it has propagated but I'm still getting the straight bounce.
-
@avatar1024 said in Gmail - ipv6. Anyone else with this experience?:
on two of them, the emails do end up delivering after a couple of retry by the mail server (the retries are still because of the PTR record)
Actually in some rare case, the server retries indefinitely and emails are never delivered. From the email event log:
Delivery failure. Will retry in Xs. Upstream error: 421 4.7.23 [2a03:xxxx:xx:xxx:xxxx:7fff:fe49:51af] The IP address sending this 4.7.23 message does not have a PTR record, or the corresponding forward DNS 4.7.23 entry does not match the sending IP. To protect our users from spam, 4.7.23 mail has been temporarily rate limited. To learn more about IP 4.7.23 address requirements for sending to Gmail, visit 4.7.23 https://support.google.com/a?p=sender-guidelines-ip 4.7.23 To learn more about Gmail requirements for bulk senders, visit 4.7.23 https://support.google.com/a?p=sender-guidelines. 4fb4d7f45d1cf-5d807030e25si25472762a12.537 - gsmtp",
Using the exact IPv6 in the error message on https://toolbox.googleapps.com/apps/dig/#PTR/ gives the correct PTR.
-
Until this is solved, is it possible to disable IPv6 completely from the mail service? This is affecting basically all of my servers.
-
@joseph Brill, that works, thank you!! All messages are now going through
Is there any big drawbacks in disabling IPv6? Also since it only happens with Gmail, is there a way to tell the system with IPv6 to only use IPv4 for google MX?
-
-
B BrutalBirdie referenced this topic
-
Right so we have a bunch of similar topics referencing the same problem.
- https://forum.cloudron.io/topic/13162/unable-to-send-emails-to-gmail
- https://forum.cloudron.io/topic/13145/problems-with-sending-mail
- https://forum.cloudron.io/topic/13122/email-sending-broken-after-updating-to-8-2-x-due-to-ipv6-issues
- https://forum.cloudron.io/topic/13072/gmail-ipv6-anyone-else-with-this-experience
Should they all be merged and/or marked as solved?
The solution is provided by @girish (here) and @jdaviescoates (here) which I'll compile and summarise here again:
- Activate IPv6 on Cloudron via going to Network > IPv6 > Configure > Public IP
- Check your IPv6 address either via reading the IPv6 address detected by Cloudron when doing 1. or via running
curl https://ipv6.api.cloudron.io/api/v1/helper/public_ipon your server (via ssh). - Set an IPv6 PTR record on your VPS/server provider (not your domain provider) for the above IPv6 address. The next Cloudron release will implement a check on IPv6 PTR record like it currently does for IPv4.
- If using Wildcard DNS then create a * AAAA record for the above IPv6 address.
- If things still don't work, you can go to Cloudron -> Domains -> hit Sync DNS
If your VPS provider does not allow you to set IPv6 PTR, then run on your server (via ssh)
sysctl -w net.ipv6.conf.ens18.disable_ipv6=1(replace ens18) for specific interface to disable IPv6 on your server. After you do this, also disable IPv6 in Cloudron, Network -> IPv6 -> Disable. -
J joseph has marked this topic as solved
