I’ve not experienced this problem sending emails via IPv6 to gmail destinations from my personal domain.

(delong.com)

Likely this email will, in fact, get sent to GMAIL via IPv6.

I do have good SPF and DKIM records and signing and a reasonable DMARC policy set up.

If ISC doesn’t have that yet, it might be a better alternative than turning off IPv6.

If that doesn’t solve it, I can reach out to someone at Google who can likely get the right parties involved.

Owen


On Apr 2, 2022, at 15:23, Jeroen Massar via NANOG <nanog@nanog.org> wrote:

Hi Dan,

Hope the rest of the world is treating you decently!

There are a lot of bits and bobs that one has to get right for mail to flow, amongst which:

- IP -> PTR lookup -> that hostname lookup, and match to IP again
  (https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS)
- SPF
- DKIM
- DMARC
- ARC (for mailinglists)
- SRS (When forwarding, rewrite the From and resign DKIM, and then ARC-sign that)
- Decent TLS
- MTA-STS

And that list grows and grows... and grows and grows. It is kinda a test if one has actually bothered to configure a setup, and not just are randomly sending an email by just telneting from a random server. Of course the large spam outfits have this fully automated and configured, so that their spam^Wadvertising comes through.

A wee little test tells that there are a few improvements to be made at minimum:

https://internet.nl/mail/isc.org/

• Not all authenticity marks against email phishing (DMARC, DKIM and SPF)
• Failed :Mail server connection not or insufficiently secured (STARTTLS and DANE)


Greets,
Jeroen (who also runs his own full net... and had jeroen@isc for a few years... ;) )