Score:-1

How to set up a ptr record to allow my ip for sending email?


I'm trying to set up a Raspberry Pi 4 as a mail server. Since I own a domain name using a provider (gandi.net), I use this domain name for my mail server (with MX records, redirection to the Raspberry Pi, etc.)

Using the tutorial of Makeuseof, I did configure the Pi to send mail. But the thing is, when I try to send a mail to, for example, my Gmail account, I receive the error:

IP you're using to send 550-5.7.1 mail is not authorized to send email directly to our servers.

I have read other posts about it, so I went to https://check.spamhaus.org/ and tried to allow my IP address to be removed from the ban list (which I'm still waiting for).

But another solution that I've seen is to set a PTR record, redirecting my IP address back to my domain name.

For that, I've installed dnsmasq, and I've set a redirection in my /etc/hosts file, by adding this line:

2001:0db8:85a3:0000:0000:8a2e:0370:7334 mail.example.com.

For obvious reasons, this is not the actual address that I'm using, but the principle is here, and yes, I'm hosting everything under my IPv6 address.

So my question is: will this manipulation work, redirecting my IPv6 address toward the domain name, and is the PTR record set up correctly? Or is there another way to convince Google's servers that my mails are sent using my domain name?

Thanks in advance to those who will read this.

Zac67
Check your SPF record first to see which host names or IP addresses are authorized to send out mails from your domain.
Score:4

You can't really "fake" reverse DNS.

For the internet at large to be able to query reverse DNS records (PTR records), the applicable reverse DNS records must be configured by the owner of the IP address range from which your IP address (range) is allocated.

Some providers will delegate control of reverse DNS records to their users via DNS when requested, others provide a control panel where the current users of an IP address (range) can configure their preferred records (usually a sanity check is performed to confirm that a forward A/AAAA record exists and points to your IP address before your custom FQDN is assigned as the PTR record), and others don't support that at all.


Note that that particular error message is not about missing/incorrect reverse DNS though:

See https://support.google.com/a/answer/3726730 & https://support.google.com/mail/answer/10336

'The IP you're using to send email is not authorized...'

...

In order to prevent spam, Gmail refuses mail from IP addresses that are not authorized to send mail. The determination of whether or not an IP address is authorized to send mail is made by the ISP that provides you with the IP address. This list typically contains consumer IP ranges offered for dialup, DSL, or other broadband access.

What can I do to fix this?
Your ISP may provide SMTP relays which will accept mail from your IP, and these servers should be authorized to send mail. Some ISPs may provide a way to get an IP that is authorized, either by upgrading to business class service or static IP service. You should reach out to your ISP to see what options are available.

Another alternative is to send mail through your own domain’s servers (that use a different IP-address) ...

Score:3

No, changes made locally using dnsmasq or /etc/hosts do not affect the PTR record for the IP address globally, so no one, including the Google servers, will see it. The PTR record has to be configured in the reverse zone, under .in-addr.arpa. for IPv4 or .ip6.arpa. for IPv6, e.g.,

  • For 198.51.100.1, 100.51.198.in-addr.arpa.

  • For 2001:DB8::1, 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. IN PTR.

These zones are controlled by the owner of the IP block, typically the ISP. Contact them to see whether it is possible to configure the PTR record to match your HELO hostname. If it is not, you could always change the hostname advertised in the HELO command to match the current reverse name.

Nikita Kipriyanov
In addition to that, I'd also make sure that for the name in the PTR record there exists an A record pointing to that IP address. If it doesn't exist, some servers may still reject the mail. Only the owner of the domain in the PTR record can fix this. Also, various public anti-spam blocklists block certain ranges of IP addresses, and it's the ISP who must contact a blocklist maintainer to exclude it from the range. Ow, I meant Spamhaus... chances are, the OP *has* to contact the ISP.
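
An added example, not part of the original answers or comments: a Python sketch of the checks discussed above as a receiving server would see them, i.e. where the PTR record for an address lives, whether the PTR name resolves back to the same address, and whether it matches the HELO name. The DNS data, the hostname dyn-198-51-100-1.isp.example and the function names are constructed for the demo; the lookups are passed in as functions so the block runs offline.

```python
import ipaddress

def ptr_owner_name(ip):
    """Name under in-addr.arpa. / ip6.arpa. where the PTR record for `ip` lives."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def fqdn(name):
    """Normalise a host name to lower case with a trailing dot."""
    return name.rstrip(".").lower() + "."

def check_sender(ip, helo, ptr_lookup, addr_lookup):
    """Return a list of problems with the sender's public DNS; empty means OK.

    ptr_lookup(name) -> list of PTR targets, addr_lookup(name) -> list of
    A/AAAA addresses. Both stand for public DNS, not a local /etc/hosts.
    """
    addr = ipaddress.ip_address(ip)
    names = [fqdn(n) for n in ptr_lookup(ptr_owner_name(ip))]
    if not names:
        return ["no PTR record at " + ptr_owner_name(ip)]
    problems = []
    # Forward confirmation: the PTR name must have an A/AAAA record for this IP.
    confirmed = [n for n in names
                 if any(ipaddress.ip_address(a) == addr for a in addr_lookup(n))]
    if not confirmed:
        problems.append("PTR name has no A/AAAA record pointing back to " + ip)
    if fqdn(helo) not in names:
        problems.append("HELO name %s does not match PTR name %s"
                        % (fqdn(helo), names[0]))
    return problems

# Constructed DNS data (documentation address ranges, not real records).
PTR = {
    ptr_owner_name("2001:db8::1"): ["mail.example.com."],
    ptr_owner_name("198.51.100.1"): ["dyn-198-51-100-1.isp.example."],
}
FWD = {
    "mail.example.com.": ["2001:db8::1"],
    "dyn-198-51-100-1.isp.example.": ["198.51.100.1"],
}

def demo_ptr(name):
    return PTR.get(name, [])

def demo_addr(name):
    return FWD.get(name, [])

if __name__ == "__main__":
    for ip in ("2001:db8::1", "198.51.100.1", "2001:db8::2"):
        print(ip, ptr_owner_name(ip))
        print("  ", check_sender(ip, "mail.example.com", demo_ptr, demo_addr) or "OK")
```
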