Gmail MX over IPv6

Fred Baker (fred) fred at
Thu Jun 21 08:39:25 CEST 2012

On Jun 20, 2012, at 11:28 PM, Mansoor Nathani wrote:

Since Gmail has enabled AAAA records for some of its MX hosts, my IPv4 only machine gets the Gmail IPv6 address and attempts to deliver email. Its only when the timeout has been reached will it try the IPv4 address.

I am curious if anyone else is experiencing this or perhaps I need to do something on the CentOS 6 box to disable IPv6 till the time when it has native IPv6 capability.

This is essentially the same issue described in RFC 6555. The good news is that it is largely fixed for common web browsers; the bad news is that the penny has not seem to have dropped that

(1) this is not about IPv4 vs IPv6, it's about having multiple addresses, some of which have a route and some don't at any given time, and
(2) this applies to any application.

Jun 21 02:14:47 onion postfix/cleanup[1494]: 435AD1A110A: message-id=<20120621061447.435AD1A110A at host.domain<mailto:20120621061447.435AD1A110A at host.domain>>
Jun 21 02:14:47 onion postfix/qmgr[1348]: 435AD1A110A: from=<user at host.domain<mailto:user at host.domain>>, size=448, nrcpt=1 (queue active)
Jun 21 02:15:09 onion postfix/smtp[1497]: connect to<>[2001:4860:b007::1b]:25: Connection timed out
Jun 21 02:15:10 onion postfix/smtp[1497]: 435AD1A110A: to=<myemailaddress at<mailto:myemailaddress at>>,<>[]:25, delay=23, delays=0.29/0.03/22/1.2, dsn=2.0.0, status=sent (250 2.0.0 OK 1340259310 e9si1516803ign.65)
Jun 21 02:15:10 onion postfix/qmgr[1348]: 435AD1A110A: removed

Mansoor nathani

On Sun, Jun 17, 2012 at 8:30 PM, Erik Kline <ek at<mailto:ek at>> wrote:
> On 18 June 2012 09:11, James Cloos <cloos at<mailto:cloos at>> wrote:
>>>>>>> "WSR" == Wolfgang S Rupprecht <wolfgang.rupprecht at<mailto:wolfgang.rupprecht at>> writes:
>> WSR> I got a hardfail from gmail.  Their SPF parsing for IPv6 is messed
>> WSR> up.  Maybe the "::" notation scewed up a string compare to
>> WSR> ":0:0:0:" or ":0:0:0:0:"?
>> I can confirm that.  I have a ip6: netblock in my spf and my outgoing
>> box's ipv6 is typically ascii-fied with a ::.  When I configure my
>> MTA to prefer ipv6 for outgoing, goog shows an spf fail.  When the MTA
>> uses ipv4 goog is happy.
>> I can see three possibilities:
>>  Their spf parses doesn't grok ip6: tagged entries at all.
>>  It doesn't handle addr/prefix notation for ipv6.
>>  It cannot compare explicit vs :: notation.
> An issue with SPF parsing was raised and I'm told a fix should be
> rolling out this week.

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the ipv6-ops mailing list