We are a small business running Exchange 2007 on SBS 2008. We have Qwest DSL and are using a Cisco Linksys E4200 wireless router as our firewall. Server system updates have been applied. IPv6 is implemented using the "6to4" scheme ("2002" address). This might be the origin of our problem.
For the past several weeks (don't know exactly when it started) every email sent from our system to a gmail address is bounced with the following "explanation:"
mx.google.com #550-5.7.1 [2002:d8a0:4c56:0:29da:6406:31c0:58e4 16] The sender does not 550-5.7.1 meet basic ipv6 sending guidelines of authentication and rdns 550-5.7.1 resolution of sending ip. Please review 550 5.7.1 https://support.google.com/mail/answer/81126for more information. gx9si17870082pac.301 - gsmtp ##
The referenced support document advises the following:
Additional guidelines for IPv6
The sending IP must have a PTR record (i.e., a reverse DNS of the sending IP) and it should match the IP obtained via the forward DNS resolution of the hostname specified in the PTR record. Otherwise, mail will be marked as spam or possibly rejected.
The sending domain should pass either SPF check or DKIM check. Otherwise, mail might be marked as spam.
We did not have the SPF record, so I created the requisite text record in our hosted DNS record that passes all checks. I created a PTR record for the IPv6 server address on the local system but our domain host (Network Solutions) does not have an obvious way to do that in their user interface for domain management.
Oddly, every time I make any kind of change to the DNS record of the local system or on the domain host, Google accepts our email for a few hours then the rejections start again. I submitted a support form to Google but have received no answer; I have read that this is all too common.
Web research also resulted in a suggestion that IPv6 be mostly disabled on the local system by creating or setting a registry key, "DisabledComponents," to 0xffffffff. Tried this, but it was an unqualified disaster. User profiles were unavailable, VPN became unusable, and I had to log in using Safe Mode to restore the old registry setting which reversed the damage.
My web searches have revealed that many mail system managers are encountering this problem but I have found no solutions for my system. I know that this is not strictly an Exchange compatibility problem because many of the related online posts regard Postfix servers. If you have found a way around this problem that applies to my server environment I'd love to hear from you.