Try checking with
Mail -v cxbrooks@gmail.com
The output was:
he original message was received at Fri, 11 Oct 2013 16:30:34 -0700 from localhost [127.0.0.1] ----- The following addresses had permanent fatal errors -----(reason: 550-5.7.1 [2002:8020:302d:a:3640:b5ff:fea2:4ec4 16] Our system has detected) ----- Transcript of session follows ----- ... while talking to gmail-smtp-in.l.google.com.: >>> DATA <<< 550-5.7.1 [2002:8020:302d:a:3640:b5ff:fea2:4ec4 16] Our system has detected <<< 550-5.7.1 that this message does not meet IPv6 sending guidelines regarding PTR <<< 550-5.7.1 records and authentication. Please review <<< 550-5.7.1 https://support.google.com/mail/?p=ipv6_authentication_error for more <<< 550 5.7.1 information. rq5si40635658pbc.213 - gsmtp 554 5.0.0 Service unavailable
https://support.google.com/mail/?p=ipv6_authentication_error says talks about reverse records
Additional guidelines for IPv6
- The sending IP must have a PTR record (i.e., a reverse DNS of the sending IP) and it should match the IP obtained via the forward DNS resolution of the hostname specified in the PTR record. Otherwise, mail will be marked as spam or possibly rejected.
- The sending domain should pass either SPF check or DKIM check. Otherwise, mail might be marked as spam.
It looks like moog is not listed in the eecs.berkeley.edu SPF record
bash-3.2$ dig txt eecs.berkeley.edu ; <<>> DiG 9.8.5-P1 <<>> txt eecs.berkeley.edu ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65479 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;eecs.berkeley.edu. IN TXT ;; ANSWER SECTION: eecs.berkeley.edu. 86400 IN TXT "google-site-verification=YJiK5da_tc6VgbOJ1dbJASQwGKHB0mdqOw_qLK8JoLY" eecs.berkeley.edu. 86400 IN TXT "v=spf1 a:gateway0.EECS.Berkeley.EDU ~all" ;; Query time: 139 msec ;; SERVER: 75.75.75.75#53(75.75.75.75) ;; WHEN: Mon Oct 14 14:25:57 PDT 2013 ;; MSG SIZE rcvd: 169 bash-3.2$
One thing is to make sure that the domain name has a spf record like:
v=spf1 ip4:128.32.48.150 ?allThe response from help@eecs was:
Good morning. moog does have an IPv4 PTR dns record -host 128.32.48.150 150.48.32.128.in-addr.arpa domain name pointer moog.EECS.Berkeley.EDU.Is moog self-assigning it self an IPv6 address
[2002:8020:302d:a:3640:b5ff:fea2:4ec4]
and telling the MX for gmail.com about it. If you can configure moog to stop telling the MX for gmail.com about an IPv6 IP address perhaps the email will go through.
There are two possibilities:
Get Sendmail to stop connecting via IPv6
Get moog to stop connecting via IPv6
http://productforums.google.com/forum/#!msg/gmail/K5klFKDnUAE/7Cs38oHW-IcJ has some info about how this has started happening.
dig any terraswarm.org | grep TXT terraswarm.org. 3600 IN TXT "v=spf1 ip4:128.32.48.150 ?all"This does not solve the problem for moog.
With moog, if we could add a similar record to the eecs.berkeley.edu DNS record, then that would solve it.
Another idea would be disable IPv6, but that seems dumb as we are moving towards IPv6.
From running tcpdump, can see that we get the MX record
for gmail and then get the AAAA record for the gmail MX host. Then, we start getting IPv6 requests. One issue is that nmap -6
shows that we are not accepting smtp connections, so this would need to be addressed. This could be a firewall issue