0

I've got an issue with an exchange 2013 server. Any mail being sent to a gmail recipient is rejected due to IPv6 issues, with the following bounceback...

mx.google.com gave this error: [2002:c30a:e196::c30a:e196] Our system has detected that this message does not meet IPv6 sending guidelines regarding PTR records and authentication. Please review https://support.google.com/mail/?p=IPv6AuthError for more information . j10si13286393wrc.204 - gsmtp Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.

The machine doesn't use IPv6 at all, so I opted to add a entry to the registry in the following location, as suggested here...

hkey_local_machine\system\currentcontroset\services\tcpip6\parameters\

I added a Reg_dword titled disabledcomponents with a decimal value of 255 and rebooted the system.

When it came back online, most of the exchange services were stuck in 'starting'.

I removed the reg entry in question and rebooted, and we're back to normal, however I still have the mail delivery issue.

Has anyone come across this before? pretty much all of the results I can find with this end with this reg key being added and the issue being resolved.

Any help appriciated.

My IPv6 Preference list looks like this...

 Precedence  Label  Prefix
 ----------  -----  --------------------------------
    50      0  ::1/128
    40      1  ::/0
    35      4  ::ffff:0:0/96
    30      2  2002::/16
     5      5  2001::/32
     3     13  fc00::/7
     1     11  fec0::/10
     1     12  3ffe::/16
     1      3  ::/96
Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
John
  • 541
  • 4
  • 17
  • 34
  • 1
    If would be helpfull if you can include the "information" which is send to you from google. There is normally more information why the email is rejected. Additional: Is your exchange server the server which sends out the emails or another server? – BastianW Jun 27 '17 at 22:25
  • Valid comment - post updated. Yes... this exchange is sending out mails – John Jun 27 '17 at 22:27

3 Answers3

1

That is a legacy 6to4 address, a deprecated IPv6 transition technology. To solve the problem, you need to disable 6to4 on your server.

From PowerShell as Administrator:

Set-Net6to4Configuration –State disabled

While you're at it, you should also disable other IPv6 transition technologies that are known to cause problems, Teredo and ISATAP:

Set-NetTeredoConfiguration –Type disabled
Set-NetIsatapConfiguration –State disabled
Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
0
  1. Make sure that no connectors (check all! You might have more then one) in MS Exchange are bound to ipv6. Reconfigure them if needed. There might be an line like "(All Available IPv6)" as seen below:

enter image description here

  1. Uncheck IPv6 as written by Microsoft here
  2. Disable IPv6 as written by Microsoft here
  3. Doublecheck if the NICs are configured correctly (which depends on your environment, a good starting point might be here; search for NIC)
  4. Reboot the server
BastianW
  • 2,868
  • 4
  • 20
  • 34
0

Instead of disabling ipv6 another option is to modify the prefix policies so IPv4 addresses are used over IPv6 when available. 

C:\>netsh interface ipv6 show prefixpolicies
Querying active state...

    Precedence  Label  Prefix
----------  -----  --------------------------------
        50      0  ::1/128
        40      1  ::/0
        30      2  2002::/16
        20      3  ::/96
        10      4  ::ffff:0:0/96
         5      5  2001::/32

In the list above the lines with labels 3 and 4 represent IP4 compatibility listings. If you increase their precedence they will be preferred. 

C:\>netsh interface ipv6 set prefix ::/96 60 3
Ok.

C:\>netsh interface ipv6 set prefix ::ffff:0:0/96 55 4
Ok.

Now if you try to connect to hosts that return both IPv4 and IPv6 addresses from DNS the IPv4 ones will be preferred.

Brian
  • 3,476
  • 18
  • 16
  • ok, which ones for my list? Precedence Label Prefix ---------- ----- -------------------------------- 50 0 ::1/128 40 1 ::/0 35 4 ::ffff:0:0/96 30 2 2002::/16 5 5 2001::/32 3 13 fc00::/7 1 11 fec0::/10 1 12 3ffe::/16 1 3 ::/96 – John Jun 27 '17 at 23:42
  • Your list already has IPv4 preferred. Your Exchange server is unlikely to be what is making the IPv6 connections to external mail servers. Outbound mail is likely being put through a proxy or gateway at your firewall which is sending them on over IPv6. – Brian Jun 27 '17 at 23:49
  • It definately isn't in this case... Its a standalone exchange server with no proxy. :( – John Jun 27 '17 at 23:51