Goofy8669

Q: Message does not meet IPv6 sending guidelines regarding PTR 550-5.7.1 records and authentication

I use OS X Server (El Capitan) as my personal email server. Everything is configured correctly. Mail works great for every domain except google gmail. This has been going on for 2-3 years...when ever I send email to Gmail users I get "undelivered mail returned to sender" which explains "this message does not meet IPv6 sending guidelines regarding PTR 550-5.7.1 records and authentication".

How can this be fixed?

Mac mini Server (Mid 2010), OS X Server, null

Posted on Apr 28, 2016 4:00 PM

Close

Q: Message does not meet IPv6 sending guidelines regarding PTR 550-5.7.1 records and authentication

  • All replies
  • Helpful answers

  • by Goofy8669,

    Goofy8669 Goofy8669 May 1, 2016 8:20 AM in response to Goofy8669
    Level 1 (8 points)
    Servers Enterprise
    May 1, 2016 8:20 AM in response to Goofy8669

    I resolved this myself.

     

    After digging into the issue (there is a post in Apple Support Communities by Paul Derby "Google blocks receipt of IPv6 email sent by OS X Server"), I found the hack to force postfix to use IPv4 not to work.

     

    Instead, I ended up setting the Configure IPv6 to "Link-local only" in the Advanced Network configuration for Ethernet. (It had been set to "Automatically", perhaps as a default, when updating OS X - Server sometime ago.)

     

    I can now send to gmail addresses from my client devices without issue. However, it appears that the Internet Reachability function does not work now and so I disabled it (a small price to pay).

  • by toop68,

    toop68 toop68 May 11, 2016 12:13 PM in response to Goofy8669
    Level 1 (27 points)
    Servers Enterprise
    May 11, 2016 12:13 PM in response to Goofy8669

    Google accepts IPv6 but you need to have a SPF record in your DNS zone that also contains your IPv6 address as allowed MailSender for your domain.

  • by Goofy8669,

    Goofy8669 Goofy8669 May 15, 2016 4:55 PM in response to toop68
    Level 1 (8 points)
    Servers Enterprise
    May 15, 2016 4:55 PM in response to toop68

    toop68,

    I'm willing to try putting in a DNS entry for IPv6 on my server but please provide me the details (example) of how that would be done. Also I imagine that my domain registry would need to have the same DNS entry. When I looked into doing that (GoDaddy) there didn't seem to be a way to do it.

    Thanks,

    goofy8669

  • by toop68,Solvedanswer

    toop68 toop68 May 16, 2016 1:57 AM in response to Goofy8669
    Level 1 (27 points)
    Servers Enterprise
    May 16, 2016 1:57 AM in response to Goofy8669

    goofy8669

     

    You only need to create a spf or txt record in your public dns( at your register) as this will be queried by your counterpart mail exchange.

     

    On how to achieve this at GoDaDy - I am not sure (not a customer of them)

    but i presume go to your where your product are (domain name) and see if there is an option to maintain dns for this domain

    add a new record (txt or spf) pref a txt record as the spf record is deprecated.

     

    this is my  txt record ”v=spf1 mx a ip4:83.163.175.235/32 ip6:2001:982:b301:1:6a5b:35ff:fec6:41b4 a:frodo.cornerstoneshop.nl a:pepijn.xs4all.nl -all"

     

    if you do a NSlookup -query=txt domain.com you’ll get the txt/spf of that domain

    there is a good site to check if your txt/spf records are ok — http://www.kitterman.com/spf/validate.html

     

    good luck

    toop68

  • by Goofy8669,

    Goofy8669 Goofy8669 May 16, 2016 2:52 PM in response to toop68
    Level 1 (8 points)
    Servers Enterprise
    May 16, 2016 2:52 PM in response to toop68

    toop68,

    Thanks to you, I am happy to report that the gmail rejection problem is solved!

     

    I re-enabled IPv6 on OS X Server, went to my domain register and edited my SPF MX text record successfully. As you said, there was nothing to do in the server DNS. To re-iterate for others benefit, it's important to wait a period of time when updating DNS records until they take effect before trying to test the new settings.

     

    Your example was very helpful (syntax) for creating my own txt record. In fact, I have never seen any documentation that describes the SPF text record syntax in this way before. As a side comment, the quotes are unnecessary for the GoDaddy DNS text records; but may be required in other domain registers.

     

    Many thanks!!

    goofy8669

  • by Goofy8669,

    Goofy8669 Goofy8669 May 17, 2016 1:07 PM in response to Goofy8669
    Level 1 (8 points)
    Servers Enterprise
    May 17, 2016 1:07 PM in response to Goofy8669

    Update: I want to take it back...you do need the quotation makes for the text record in GoDaddy...they are necessary.