• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Can't send email to AAAA-only domain [Solved]

Started by Hello71, November 17, 2012, 10:12:35 AM

Previous topic - Next topic

Hello71

Trying to do the IPv6 MTA challenge. I have a domain registered at afraid.org, hello71.us.to, with no MX record but an AAAA record pointing to 2001:470:1d:32::1, which is in my /64 and has been configured (other hosts can ping it). I can also send email from other hosts (Gmail) to hello71.us.to successfully. When I try to send email to *@hello71.us.to from the certification page, it says "No MX found for your domain. Failed to get AAAA" even though there is an AAAA record for hello71.us.to and has been for the past few hours. (the TTL is 1 hour) Any help?

KiLaHuRtZ

You need the MX record to point your domain towards your mail servers.  Likewise, you also need the AAAA record for said mail server so it can discover the server's IP address.  In bind, it is done like this...

@ IN MX 10 mailserver.somedomain.tld.

mailserver IN AAAA <IPv6 Address>

Hello71

But if there's no MX record, then it should use the AAAA/A record, no?

mikie

There needs to be a MX (mail exchanger) record in your DNS zone file pointing to a host for email to work.
Some email systems are slacker than others in what they will allow to work.

snarked

Wrong.  An MX record is not required for SMTP to work.  Where there is no MX record, the host is supposed to be contacted directly (as if an MX of priority 0 existed) via its address records (A or AAAA; A6 and APL aren't used).

It's possible that the MX test requires an MX-RR to exist.  It is also good practice to have an MX record (even if it points to itself), especially for those systems that don't cache negative DNS answers.

Hello71

Okay then, I added an MX record pointing to itself and now it works. Sent off an email to ipv6@he.net informing them that their MTA is itself non-compliant. Thanks everyone!

broquea

It isn't an MTA in the sense of Sendmail, Postfix, etc. It is a PHP script that looks for an MX record, then tries connecting directly to that :)

kasperd

Fallback to using an A record directly without going through an MX record exists for backward compatibility with systems from before the MX record was introduced. Since the MX record is older than IPv6, those systems would be IPv4 only. As such using AAAA records directly shouldn't be needed. I haven't found an RFC giving a clear answer as to whether such a configuration is valid, but it is definitely not a recommended configuration.