Mail sending to google over IPV6 instead of IPV4 and getting rejected

Support
,
1

NethServer Version: 7.6.1810
Module: Mail

Like the title, today my Nethserver started sending email to google servers over IPV6 for some reason, even though a static IPV4 is setup under the red interface. Is there a way to force IPV4 for all email, or to disable IPV6 completely?

2

I am assuming:

  • NethServer is the public MailServer for your domain.
  • You have already did all the homework for DNS and IPv4 (SPF, MX Record, A record, reverse pointer, maybe even DKIM and DMARC)
  • Your connection is IPv6 capable and you have IPv4 and IPv6 static and public address

For your current IPv6 public address…

  • Is any AAAA record into your DNS?
  • Are both AAAA and A records included into MX record?
  • Is there any reverse pointer for your public address?
  • Is your SPF currently considering both addresses as source of good email?

As far as know, NethServer install media do not configure or enable IPv6 stack for interfaces (but i am assuming that is ready to be configured and used), but maybe you started from scratch CentOS adding NethServer.
Maybe I am assuming a lot of things wrong, but… your post do not describe anything about your setup, if it’s on premises or on cloud, virtual phisical etc etc…

3

NethServer is the public MailServer for my domain.
These are all in place.
The connection is IPV6 capable, however I only have the IPV4 address setup in Nethserver, I don’t even see any IPV6 options?
There is no AAAA record in my DNS.
No AAAA record for my MX record, my MX record points to my IPV4 address (A record)
SPF is only specified for IPV4, I don’t use IPV6 in my DNS.

The return message from Google has the NS’s IPV6 address in the message.

[IPV6 Address] Our system has detected that
550-5.7.1 this message does not meet IPv6 sending guidelines regarding PTR
550-5.7.1 records and authentication. Please review 550-5.7.1

So I don’t know why Google is all of a sudden seeing that IP. I have been replying to an email address about a support ticket all day yesterday, and all of a sudden today it’s rejecting for IPV6.

4

Do NethServer has IPv4 Pubblic address on red interface?
Also, is your ISP CPE (i am assuming a router) the default gateway of Red Interface?
Which DNS Server are used by NethServer installation?

5

It appears it has started working again. That is strange as I didn’t change anything. I think there may have been a DNS failure? Interesting because the DNS I have setup in NS is 8.8.8.8 (Google)…

Emails are working again without issue.

What’s that old haiku?
It’s not DNS
There’s no way it’s DNS
It was DNS.

6

It’s quite “understandable” for me…
For few hours, 8.8.8.8 answered to your server an IPv6 address instead of an IPv4 address. Therefore i’m assuming that Postfix contacted the IPv6 address. And the source of the IPv6 pubblic address of your connection.
Which is not correctly configured into DNS panel of your public domain for sending messages.

Maybe cache data of the google server expired, so 8.8.8.8 answered to query from NethServer an IPv4 address, correctly connected by postfix.

Also there’s another option: a server of the clusters of google was not correctly configured and it was fixed or removed from cluster.