Re: google bouncing emails - ipv6 ptr problem?

Wed, 19 Nov 2014 17:52:54 -0800 

This is kind of what I was thinking was the case...

On 11/19/2014 07:28 PM, Mark Martinec wrote:

Robert Moskowitz wrote:

Perhaps this should go to the bind list, but all of my checking shows
my ipv6 ptr record is working.

This started, I think, last week.  I was running an old mailserver and
sent many an email to the cubieboard list.

Just today I finally upgraded my mailserver, but still get the bounce.
 My current system is running Redsleeve 6 (Centos 6 for ARM), and
postfix-2.6.6-6

The bounce from google says:

                   The mail system

<cubiebo...@googlegroups.com>: host
    gmr-smtp-in.l.google.com[2607:f8b0:4001:c08::e] said: 550-5.7.1
    [2607:f4b8:3:3:67:15ff:fe00:180] Our system has detected that this
550-5.7.1 message does not meet IPv6 sending guidelines regarding PTR 
    records 550-5.7.1 and authentication. Please review 550-5.7.1
https://support.google.com/mail/?p=ipv6_authentication_error for more 550 
    5.7.1 information. f9si145249igt.0 - gsmtp (in reply to end of DATA
    command)


Note the '...and authentication' in that message!

Read that web document again, note the 'Additional guidelines for IPv6'
and the second bullet there:

  . The sending domain should pass either SPF check or DKIM check.
    Otherwise, mail might be marked as spam.
But until I confirmed from others that DNS looked ok. Also until today, I could not implement DKIM, if I wanted to. 






I checked via my Verizon wireless MiFi connection and that IPv6
address ptr does point to z9m9z.htt-consult.com  I have gone to the
listed web page, and believe my ipv6 dns is correct.


Looks alright, although DNS checkers have some complaints
regarding your domain:

  http://www.webwiz.co.uk/domain-tools/
There ARE some reverse look up issues, but I am doing it the way you need to if your reverse lookup is delegated from a larger block. I will need to look further into this. 


  http://www.intodns.com/
  http://www.dnsqueries.com/en/



I have not implemented spf or dkim.


There you go!
Consider also publishing a DMARC record, not necessarily restrictive.
Will have to read up on DMARC records. Hopefully they are not as bad as spf are.

Reply via email to