EXIM, PTR/rDNS, IPv6 problem. phpmail emails to gmail returning

[PauldeBont]

Hi,

I have a problem with outgoing emails on my VPS.

As far i know there are two ways to email.
1. With a email client thru a smtp server (own server smtp)
2. Send email with php mail

The first way works 100%
The second way (a the same server) doesn't work good
If DirectAdmin send a welcome email to a gmail address and come with an IPv6 error and the emails ere returning
And this error occurred also when i send emails with a contactform


The log (/var/log/exim/mainlog) gives this messages:

<= [email protected] U=diradmin P=local S=1848 T="Your account for mydomain.nl is now ready for use." from <[email protected]> for [email protected] 
=> beheer <[email protected]> F=<[email protected]> R=virtual_user T=virtual_localdelivery S=1973 
   Completed 
<= [email protected] U=diradmin P=local S=1848 T="Your account for .nl is now ready for use." from <[email protected]> for [email protected] 
** [email protected] F=<[email protected]> R=lookuphost T=remote_smtp H=gmail-smtp-in.l.google.com [2a00:1450:4013:c01::1a] X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=yes: SMTP error from remote mail server after end of data: 550-5.7.1 [2a01:7c8:aabb:30d:5054:ff:fe89:c1b5] Our system has detected that\n550-5.7.1 this message does not meet IPv6 sending guidelines regarding PTR\n550-5.7.1 records and authentication. Please review\n550-5.7.1  https://support.google.com/mail/?p=ipv6_authentication_error for more\n550 5.7.1 information. n65si19369332wma.43 - gsmtp 
<= <> R=1aCNAY-0002qo-8o U=mail P=local S=3952 T="Mail delivery failed: returning message to sender" from <> for [email protected] 
   Completed 
=> :blackhole: <[email protected]> R=system_aliases 
   Completed

Next message in the log after a email send with a contactform to a gmail address

2015-12-25 09:12:43 1aCNUR-00043L-Si <= [email protected] U=da-user P=local S=1159 [email protected] T="Neem direct contact op met \"Paul\"" from <[email protected]> for [email protected] 
2015-12-25 09:12:44 1aCNUR-00043L-Si ** [email protected] F=<[email protected]> R=lookuphost T=remote_smtp H=gmail-smtp-in.l.google.com [2a00:1450:4013:c00::1b] X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=yes: SMTP error from remote mail server after end of data: 550-5.7.1 [2a01:7c8:aabb:30d:5054:ff:fe89:c1b5] Our system has detected that\n550-5.7.1 this message does not meet IPv6 sending guidelines regarding PTR\n550-5.7.1 records and authentication. Please review\n550-5.7.1  https://support.google.com/mail/?p=ipv6_authentication_error for more\n550 5.7.1 information. z6si29184769lbf.22 - gsmtp 
2015-12-25 09:12:44 1aCNUS-00043Q-LW <= <> R=1aCNUR-00043L-Si U=mail P=local S=3246 T="Mail delivery failed: returning message to sender" from <> for [email protected] 
2015-12-25 09:12:44 1aCNUR-00043L-Si Completed 
2015-12-25 09:12:44 1aCNUS-00043Q-LW => da-user <[email protected]> F=<> R=localuser T=local_delivery S=3346 
2015-12-25 09:12:44 1aCNUS-00043Q-LW Completed

My DNS look like this:
[table="width: 500"]
[tr]
[td]@[/td]
[td]A[/td]
[td]1.1.1.1[/td]
[/tr]
[tr]
[td]@[/td]
[td]AAAA[/td]
[td]1:1:1:1:1:1:1:1[/td]
[/tr]
[tr]
[td]@[/td]
[td]MX[/td]
[td]10 @[/td]
[/tr]
[tr]
[td]@[/td]
[td]MX[/td]
[td]20 relay.transip.nl.[/td]
[/tr]
[tr]
[td]@[/td]
[td]TXT[/td]
[td]v=spf1 a mx ip4:1.1.1.1 ip6:1:1:1:1:1:1:1:1 include:_spf.google.com ~all[/td]
[/tr]
[tr]
[td]ftp[/td]
[td]CNAME[/td]
[td]@[/td]
[/tr]
[tr]
[td]mail[/td]
[td]CNAME[/td]
[td]@[/td]
[/tr]
[tr]
[td]srv01[/td]
[td]CNAME[/td]
[td]@[/td]
[/tr]
[tr]
[td]srv01.mydomain.nl[/td]
[td]TXT[/td]
[td]v=spf1 a mx ip4:1.1.1.1 ip6:1:1:1:1:1:1:1:1 include:_spf.google.com ~all[/td]
[/tr]
[tr]
[td]www[/td]
[td]CNAME[/td]
[td]@[/td]
[/tr]
[tr]
[td]x._domainkey[/td]
[td]TXT[/td]
[td]v=DKIM1; k=rsa; p=thepublickey[/td]
[/tr]
[tr]
[td]_dmarc[/td]
[td]TXT[/td]
[td]v=DMARC1; p=none; sp=none; rua=mailto:[email protected][/td]
[/tr]
[/table]

and the PTR/rDNS records for IPv4 and IPv6 are:
srv01.mydomain.nl 1.1.1.1
srv01.mydomain.nl 1:1:1:1:1:1:1:1

Emails send with a client get a 10/10 score with http://www.mail-tester.com/
Emails send with DirectAdmin (i think with phpmail) gets a 9/10 score result with the comment that DKIM is missing

Besides my english... what did i do wrong

 

[basilcool]

Same problem

I have same problem. Do you solve it?

 

[Wanabo]

Same problem here. I have two KVM VPS'es, both have CSF firewall.
Messages sent by CSF are not correctly signed with DKIM on 1 VPS, but on the other VPS it works correctly.
Did an extensive comparison with both servers, but could not find a solution.
I suspect it has something to do with SNI, but I'm no expert just a hobby admin.

I'll certainly will track this tread in the hope for solutions.

 

[SeLLeRoNe]

Both the errors talk about PTR, it means that the Reverse DNS of your IPv6 Address don't match the server hostname.

Also, this seems to be an error:
srv01.mydomain.nl TXT v=spf1 a mx ip4:1.1.1.1 ip6:1:1:1:1:1:1:1:1 include:_spf.google.com ~all

The left side, should be srv01.mydomain.nl. (yes, with the last ".")

Best regards

 

[Richard G]

It's not only the PTR in this case.
This is from the subject title:

phpmail emails to gmail returning

PHP mail is unauthenticated email. If you use Dkim and Dmarc records, you can only send authenticated mail from that domain, otherwise Gmail (amongst others) will refuse the mail because it's not authenticated.