Gmail responding with "DSN: Service unavailable"

0

I have googled this widely :/ I have a Wordpress site, but the same happens from the command line. Sending a mail that ends up at the MX of:

mysite.com. 140 IN  MX  1 aspmx.l.google.com.

Leads to google saying:

Jun 12 16:06:48 mysite sm-mta[690]: x5CG6mcq000688: x5CG6mcq000690: DSN: Service unavailable

And a message in root's inbox of:

   ----- Transcript of session follows -----
... while talking to aspmx.l.google.com.:
>>> DATA
<<< 550-5.7.1 [2a00:1098:88:1a::1] Our system has detected that this message does
<<< 550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and
<<< 550-5.7.1 authentication. Please review
<<< 550-5.7.1  https://support.google.com/mail/?p=IPv6AuthError for more information
<<< 550 5.7.1 . m1si30413wml.153 - gsmtp
554 5.0.0 Service unavailable

--x5CG6mcq000690.1560355608/mysite.vs.mythic-beasts.com

I have a TXT record of:

mysite.com. 300 IN  TXT "v=spf1 include:_spf.google.com ~all"

as recommended by a random site. I've tried the Google instructions to no avail.

Any thoughts?

Dave Hodgkinson

Posted 2019-06-12T16:19:14.390

Reputation: 1

The error specifically talks about IPv6 guidelines. Does an IPv4 TXT SPF record satisfy this? – I say Reinstate Monica – 2019-06-12T16:29:42.007

@TwistyImpersonator: They've changed the actual support page to no longer list IPv6-specific requirements. – user1686 – 2019-06-12T16:46:30.860

@Dave: Can you clarify whether you're sending from mysite.com or to mysite.com? Is the domain using GSuite Mail? Asking because your SPF record seems to do the opposite of what you're apparently trying to do... – user1686 – 2019-06-12T16:47:40.260

I'm sending from the hostname mysite.vs.mythic-beasts.com – Dave Hodgkinson – 2019-06-12T18:25:50.857

The bounce message links to (https://support.google.com/mail/?p=IPv6AuthError) which appears to be in Greek.

– Dave Hodgkinson – 2019-06-12T18:26:46.083

I tried (https://support.google.com/a/answer/33786) this page, linked to from the bounce message. No dice. I now have a TXT record of:

mysite.com. 300 IN TXT "v=spf1 include:_spf.google.com ~all"

– Dave Hodgkinson – 2019-06-12T18:36:36.230

@grawity sending from my vps to gmail. – Dave Hodgkinson – 2019-06-12T18:38:33.243

What "From:" address are you using in WordPress mail settings? Do you have any "relay/smarthost" SMTP server configured in sendmail on the VPS? (Does your domain use GSuite or not? You still haven't answered that one.) – user1686 – 2019-06-12T18:42:16.620

@grawity: From: is from=root@mysite.vs.mythic-beasts.com. I've not touched the Sendmail configs at all. I'm only trying to send to Gmail. I don't use it myself.

– Dave Hodgkinson – 2019-06-12T18:51:01.830

Answers

1

First of all, if you're sending from your VPS and not from GSuite, then putting Google addresses in SPF is the completely wrong thing to do.

Your SPF records tell recipients what servers are authorized to be the sender – so if you send mail directly from your VPS, then your domain's SPF records must of course include the VPS.

(Similarly, if your domain doesn't receive mail at GSuite, then listing Google MX server addresses is useless, as Google will just reject all mail that goes to *@mysite.com.)

Second, it's not even the same domain as the From field in your email messages. If your messages come from @mysite.vs.mythic-beasts.com, then recipients will only look for SPF records at mysite.vs.mythic-beasts.com – they have absolutely no reason to look at mysite.com in the first place. You should fix this in Sendmail, as Mythic Beasts is unlikely to allow you to use their subdomains for email.

Finally, the Gmail support page on IP guidelines says:

The sending IP must have a PTR record (i.e. a reverse DNS of the sending IP) and match the IP obtained via the forward DNS resolution of the hostname specified in the PTR record.

Your IP address, 2a00:1098:88:1a::1, currently does not have reverse DNS configured. You need to configure this in the Mythic Beasts control panel.

user1686

Posted 2019-06-12T16:19:14.390

Reputation: 283 655

I'm not using mythic-beasts for DNS, I'm using Cloudflare. Anyhow problem solved. I set a smarthost going through the mythic beasts server. – Dave Hodgkinson – 2019-06-12T19:09:05.100

"Reverse DNS" is always set by the owner of the IP address (since it's an IP→domain mapping, hence "reverse"), so your domain's DNS host is irrelevant – what's relevant is the company which hosts your VPS. – user1686 – 2019-06-12T19:29:24.203

Asked: 2019-06-12T16:19:14.390

Viewed: 126 times

Active: 2019-06-12T19:03:43.363