This afternoon I saw several log messages in our email server's logs in relation to emails our local business customer (who uses our ISP email server) was trying to send to a Microsoft Office 365 hosted domain:
"[::ffff:12.43.166.xx] Site <target domain redacted> (2a01:111:f400:7c0c::11) said after data sent: 554 5.7.1 Service unavailable, message sent over IPv6 [2607:fe28:0:4000::10] must pass SPF or DKIM validation (message not signed)" The PTR for 2a01:111:f400:7c0c::11 is mail-by26c0c.inbound.protection.outlook.com. But when I check the MX record of the target domain I see there's no AAAA for the <redacted>.mail.eo.outlook.com, just three A's. Fortunately we control our local business customer's DNS and I've added in our email server's DKIM so that future emails, if they were sent over IPv6, should be accepted by Microsoft. Our customer has no SPF record. I also saw two log messages for two Microsoft Office 365 hosted domains: 26 13:30:59.00 [56882563] Failed ::ffff:199.120.69.25 <notification+kyg2k...@facebookmail.com> <target domain1 email redacted> 9259 <1502549920004098-1497189607206...@groups.facebook.com> "[::ffff:199.120.69.25] ubad=0, Site (target domain1 redacted/2a01:111:f400:7c10::1:10) said: 550 5.2.1 Service Unavailable, [target domain1 redacted] does not accept email over IPv6" 26 19:04:52.00 [83985160] Failed ::ffff:12.43.166.20 <from redacted> <target domain2 email redacted> 6546 <0EBCBB96763E41B2A4CD9A4CD3DD94BE@sp.local> "[::ffff:12.43.166.20] ubad=1, Site (target domain2 email redacted/2a01:111:f400:7c0c::11) said: 550 5.2.1 Service Unavailable, [target domain2 email redacted] does not accept email over IPv6" There's no PTR for 2a01:111:f400:7c10::1:10. I checked the last 7 days of logs I only saw these today. It's like Microsoft published some AAAA's for some MX records, but then withdrew them, but not before there were a few failures. Frank