Koozali.org formerly Contribs.org

Gmail sending IPv6 mail to my IPv4 server

Offline Mike

Gmail sending IPv6 mail to my IPv4 server
« on: July 21, 2020, 11:52:39 AM »
To make my mail delivery/reception more stable I recently put a lot of effort in figuring out how to properly setup ptr/spf/dkim/dmarc.
For all domains on my server the domain check on https://mxtoolbox.com/NetworkTools.aspx are now 100% correct.
I figured that now I could also receive from or send mail to online mail services like Gmail, Outlook.com and whatever online mail service people use nowadays, correctly.
I know that a properly setup ptr/spf/dkim/dmarc is still no guarantee that mail will always arrive but I wasn’t prepared for this.
I got a dmarc report that stated that mailing from some IPv6 IP-address from Gmail to one of my sub-domains was not successful because all spf/dkim/dmarc checks failed.
Of cause, because I have not setup any IPv6 AAAA/ptr/spf/dkim/dmarc for my domain because I do not have an IPv6 address and my SME Server does not support IPv6.
The mail was send from an android phone with Gmail.

How can I prevent Gmail or any other online email provider from trying to send IPv6 mail to my NON-IPv6 enabled domain that hasn’t even got an AAAA-record?

I will have an IPv6 enabled Internet Provider probably within 6 months from now but SME Server still has no support for IPv6 out of the box.
But I could probably help with testing when I have my new IPv6 enabled internet provider...
« Last Edit: July 21, 2020, 11:56:05 AM by Mike »

Offline ReetP

  • *
  • 2,573
Re: Gmail sending IPv6 mail to my IPv4 server
« Reply #1 on: July 21, 2020, 02:22:11 PM »
Quote
I figured that now I could also receive from or send mail to online mail services like Gmail, Outlook.com and whatever online mail service people use nowadays, correctly.

Remember that sending and receiving are almost like chalk and cheese. It can flow seamlessly one way, and not the other. Just because you can send does not mean you can receive, and vice versa.

Quote
I got a dmarc report that stated that mailing from some IPv6 IP-address from Gmail to one of my sub-domains was not successful because all spf/dkim/dmarc checks failed.

So this is mail your server is receiving. Or blocking.

I'm not sure if that is actually IPv6 related.

First, if you don't have IPv6 enabled they can't even talk to your server.... they'd have HAD to have set up a IPv4 connection to do that. None of the big providers are solely IPv6 - they would all run dual stack.

What did the bounce message they received actually say?

Why did qpsmtpd throw it out? Check your logs and see.

Code: [Select]
grep -rn somedomain.com /var/log/qpsmtpd/current
Quote
How can I prevent Gmail or any other online email provider from trying to send IPv6 mail to my NON-IPv6 enabled domain that hasn’t even got an AAAA-record?

Don't use IPv6..... beyond that you can't. They will use your IPv4 records.

Quote
I will have an IPv6 enabled Internet Provider probably within 6 months from now but SME Server still has no support for IPv6 out of the box.
But I could probably help with testing when I have my new IPv6 enabled internet provider...

It isn't something we are working on currently - we have far too much to do just to try and get v10 out of the door. It will be much better if you assist with testing v10 right now. Without it you won't be getting any IPv6 regardless.

https://wiki.contribs.org/SME_Server:10.0Alpha5

Ask for a RocketChat login and come and talk to us.


...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation