sendmail can not deliver to gmail - IPv6 sending guidelines regarding PTR records not met
Solution 1:
Check the current protocols:
postconf inet_protocols
net_protocols = all
Edit cf File if it returns
all
grep 'inet_protocols' /etc/postfix/main.cf
inet_protocols = ipv4
Restart
service postfix restart
Check it again
postconf inet_protocols
inet_protocols = ipv4
Solution 2:
From Google's point of view, they are trying to verify the identity of the IP address connecting to them, so they will attempt to look up the PTR
record for 2a01:4f8:212:27c8::2
.
When they resolve that to staging.findix.com
, they will then attempt to check that this resolves back to 2a01:4f8:212:27c8::2
- which it doesn't - see this lookup result.
Reverse (PTR record) Lookup
cwatson@thor:~$ nslookup 31.220.4.52
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
52.4.220.31.in-addr.arpa name = tyr.vikingserv.net.
Forward (A record) Lookup
cwatson@thor:~$ nslookup tyr.vikingserv.net
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: tyr.vikingserv.net
Address: 31.220.4.52
Solution 3:
Your smtp server hostname could be a problem. It seemed to be the case for me. POstfix was somehow sending a host name to smtp.gmail.com not relevant with my smtp domain name.
Solution 4:
I think Google's response is a bit disingenuous. Even though their "error message" mentions PTR, the 550 5.7.1 is about relaying. I too was getting this error on a Postfix / Dovecot install, but I fixed it via a few step:
- Adding the IPv6 IP info to your ifcfg-eth0 config on the mail server
- Adding a AAAA MX record on your DNS
- Adding the IPv6 ranges of all "authorized senders" in your postfix/main.cf on your mail server.
I have AT&T Business UVerse, and they don't support static IPv6 for PTR, but after doing the above steps Google stopped erroring out. I used https://www.ultratools.com/ipv6Tools to convert from IPv4 to IPv6. Finally, I put everything together in a howto on my site at Enabling IPV6 on CentOS (for sending and receiving mail)