| Linode Forum https://forum.linode.com/ |
|
| SPF Gmail Fail ipv6 https://forum.linode.com/viewtopic.php?f=11&t=11029 |
Page 1 of 1 |
| Author: | davedags [ Thu May 08, 2014 2:22 pm ] |
| Post subject: | SPF Gmail Fail ipv6 |
I have mail successfully working using postfix/dovecot. However, I realized that when mailing to GMAIL and connecting via ipv6 address for my linode, gmail SPF headers show that it is a softfail. It works perfectly when it connects via ipv4, my standard linode address. I have set up SPF records, trying numerous combinations. The only way I could squelch this for now was to completely disable ipv6. Does anyone know if there is a solution or if I am just doing something wrong? Any help is greatly appreciated. DNS is syntactically OK and so is the SPF txt record according to tools i have used. I set reverse dns in linode for the ip4 and ip6 pointing to my main host dags.io DNS Zone File, including TXT record. ; dags.io [570724] $TTL 86400 @ IN SOA ns1.linode.com. dave.dags.io. 2014050849 14400 14400 1209600 86400 @ NS ns1.linode.com. @ NS ns2.linode.com. @ NS ns3.linode.com. @ NS ns4.linode.com. @ NS ns5.linode.com. @ MX 1 dags.io. @ MX 1 iver.dags.io. @ TXT "v=spf1 a mx ip4:50.116.36.39 ip6:2600:3c02::f03c:91ff:fe6e:3d73 ~all" @ A 50.116.36.39 iver A 50.116.36.39 mail A 50.116.36.39 www A 50.116.36.39 yum A 50.116.36.39 @ AAAA 2600:3c02::f03c:91ff:fe6e:3d73 iver AAAA 2600:3c02::f03c:91ff:fe6e:3d73 mail AAAA 2600:3c02::f03c:91ff:fe6e:3d73 www AAAA 2600:3c02::f03c:91ff:fe6e:3d73 yum AAAA 2600:3c02::f03c:91ff:fe6e:3d73 IPv6 Failed SPF GMAIL Header Return-Path: <dave@dags.io> Received: from iver (dags.io. [2600:3c02::f03c:91ff:fe6e:3d73]) by mx.google.com with ESMTP id z46si2526127yhl.4.2014.05.08.11.02.07 for <davedags@gmail.com>; Thu, 08 May 2014 11:02:07 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning dave@dags.io does not designate 2600:3c02::f03c:91ff:fe6e:3d73 as permitted sender) client-ip=2600:3c02::f03c:91ff:fe6e:3d73; IPv4 WORKING SPF GMAIL Header Received: from iver (dags.io. [50.116.36.39]) by mx.google.com with ESMTP id t64si2495603yhd.78.2014.05.08.11.01.20 for <davedags@gmail.com>; Thu, 08 May 2014 11:01:20 -0700 (PDT) Received-SPF: pass (google.com: domain of dave@dags.io designates 50.116.36.39 as permitted sender) client-ip=50.116.36.39; |
|
| Author: | davedags [ Thu May 08, 2014 8:02 pm ] |
| Post subject: | Re: SPF Gmail Fail ipv6 |
ok - well, i just checked and with no other changes, it suddenly is working! I did add reverse DNS for my ip6 address this morning so maybe it just took longer to get through to googs. either way, seems it is working now! |
|
| Author: | sweh [ Thu May 08, 2014 9:48 pm ] |
| Post subject: | Re: SPF Gmail Fail ipv6 |
DNS records have a TTL associated with them. If a client (eg google) has looked up a record (eg your TXT record) then it'll cache the result for the duration of the TTL. I think linode TTLs are 1 day, so any DNS change you make might take up to 24 hours to propagate fully. (Also google doesn't strictly follow DNS semantics, but it's close enough). |
|
| Author: | Napoleon [ Wed Jan 28, 2015 1:36 am ] |
| Post subject: | Re: SPF Gmail Fail ipv6 |
How did you set a reverse DNS for your IP6 address? Cheers Nap |
|
| Author: | jcurry [ Mon Feb 02, 2015 2:27 pm ] |
| Post subject: | Re: SPF Gmail Fail ipv6 |
Napoleon wrote: How did you set a reverse DNS for your IP6 address? You can set RDNS for IPv6 the same as you do IPv4. Create forward AAAA records first, go to Remote Access tab for your Linode, enter the name and click Look Up. We'll check to make sure there's an AAAA record pointing to your Linode's IPv6 address and if there is, you'll be asked to confirm you want to set your reverse record. |
|
| Author: | Napoleon [ Tue Feb 03, 2015 12:36 am ] |
| Post subject: | Re: SPF Gmail Fail ipv6 |
@JCurry Ok, thanks. I had to setup the AAAA records first (which is what I did wrong when I tried it earlier). Then, after waiting for the propagation, the Look Up button asked me if I wanted to use the IP6 address.  While on the subject of DNS setup; If I have an entry with a wildcard hostname, should I still add specific hostnames? |
|
| Author: | jcurry [ Wed Feb 04, 2015 3:51 pm ] |
| Post subject: | Re: SPF Gmail Fail ipv6 |
Napoleon wrote: While on the subject of DNS setup; If I have an entry with a wildcard hostname, should I still add specific hostnames? If you have a wildcard record then you only need to set records up for records which differ. Just be careful in the future if you decide to change what the wildcard points to while relying on a specific name that isn't in your zone which you might not want to change with your wildcard. |
|
| Page 1 of 1 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|