Dropping Google AAAA records (was: Force IPv4 by Destination MX)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Dropping Google AAAA records (was: Force IPv4 by Destination MX)

Wietse Venema
This is how three years ago I solved IPv6 problems for all domains
that have Google as an MX host.

/etc/postfix/main.cf:
    smtp_dns_reply_filter = pcre:/etc/postfix/smtp_dns_reply_filter

/etc/postfix/smtp_dns_reply_filter:
    # /domain ttl IN AAAA address/ action, all case-insensitive.
    # Note: the domain name ends in ".".
    /^\S+\.google.com\.\s+\S+\s+\S+\s+AAAA\s+/ IGNORE

This drops all AAAA records from Google MX hosts, effectively forcing
Postfix to deliver over IPv4.

I adopted this because their PTR lookups did not distinguish between
'try again' and 'does not exist', causing them to reject legitimate
email.

        Wietse
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Dropping Google AAAA records (was: Force IPv4 by Destination MX)

Mark Raynsford
On 2017-07-09T19:15:29 -0400
[hidden email] (Wietse Venema) wrote:

> This is how three years ago I solved IPv6 problems for all domains
> that have Google as an MX host.

Thanks for this. Personally, I don't expect to hear back from Google,
so I'll be implementing this one myself.

M

attachment0 (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Dropping Google AAAA records (was: Force IPv4 by Destination MX)

Scott Talbert
In reply to this post by Wietse Venema
On Sun, 9 Jul 2017, Wietse Venema wrote:

> This is how three years ago I solved IPv6 problems for all domains
> that have Google as an MX host.
>
> /etc/postfix/main.cf:
>    smtp_dns_reply_filter = pcre:/etc/postfix/smtp_dns_reply_filter
>
> /etc/postfix/smtp_dns_reply_filter:
>    # /domain ttl IN AAAA address/ action, all case-insensitive.
>    # Note: the domain name ends in ".".
>    /^\S+\.google.com\.\s+\S+\s+\S+\s+AAAA\s+/ IGNORE
>
> This drops all AAAA records from Google MX hosts, effectively forcing
> Postfix to deliver over IPv4.
>
> I adopted this because their PTR lookups did not distinguish between
> 'try again' and 'does not exist', causing them to reject legitimate
> email.

Thanks, this seems to be working well for me.

Scott
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Dropping Google AAAA records

James Cloos-9
In reply to this post by Wietse Venema
>>>>> "WV" == Wietse Venema <[hidden email]> writes:

WV> This is how three years ago I solved IPv6 problems for all domains
WV> that have Google as an MX host.

Also works perfectly here.

Thanks!

-JimC
--
James Cloos <[hidden email]>         OpenPGP: 0x997A9F17ED7DAEA6
Loading...