Update: as pointed out by p1mrx, this is caused by DigitalOcean’s blocking some mail related IPv6 traffic to avoid abuse, similar to what’s described in IPv6 on Digital Ocean is crippled.
TLDR: Gmail appears to support IPv6 for SMTP by broadcasting an IPv6 address
for its IMAP and SMTP services. However, whatever behind the IPv6 address
doesn’t accept SMTP connections.
According to Set up Gmail with Outlook, Apple Mail, or other mail clients
you should use smtp.gmail.com when sending mails, via port 465 or 587.
smtp.gmail.com supports IPv6 (yay!):
$ host smtp.gmail.com
smtp.gmail.com is an alias for gmail-smtp-msa.l.google.com.
gmail-smtp-msa.l.google.com has address 74.125.68.108
gmail-smtp-msa.l.google.com has address 74.125.68.109
gmail-smtp-msa.l.google.com has IPv6 address 2404:6800:4003:c02::6c
But it doesn’t have the ports we need open:
$ nmap -6 -Pn 2404:6800:4003:c02::6c
Starting Nmap 6.40 ( http://nmap.org ) at 2016-03-26 13:49 UTC
Nmap scan report for sc-in-x6c.1e100.net (2404:6800:4003:c02::6c)
Host is up (0.0024s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE
993/tcp open imaps
Nmap done: 1 IP address (1 host up) scanned in 8.20 seconds
But its IPv4 counterpart does:
$ nmap -Pn 74.125.68.108
Starting Nmap 6.40 ( http://nmap.org ) at 2016-03-26 13:43 UTC
Nmap scan report for sc-in-f108.1e100.net (74.125.68.108)
Host is up (0.0018s latency).
Not shown: 995 filtered ports
PORT STATE SERVICE
25/tcp open smtp
465/tcp open smtps
587/tcp open submission
993/tcp open imaps
995/tcp open pop3s
Nmap done: 1 IP address (1 host up) scanned in 4.55 seconds
Poor IPv6 :(
This hurts. Normally, if something doesn’t support IPv6, the network stack is
smart enough to fall back to IPv4. A simple way to work around this is to
disable IPv6 support in the network stack, but that hurts IPv6 adoption. Guess
I’ll find a hack to tell my programs not to use IPv6 when talking to
smtp.gmail.com.
I sent this in a feedback form (click the gear in Gmail, then “Send feedback”). Hopefully that’ll amount to something.
Questions or comments can go to Hacker News.