How to meet Gmail's new (2016) email tls requirement - red lock

About gmail and postfix and ssl : I follow instruction here : Tutorial on ejabberd, postfix, dovecot and or nginx with letsencrypt

Then :

  1. Make my ssl for via certbot (i use webrot method, but think any method work too)
  2. update postfix (and dovecot) to use same certificate than my webserver
  3. restart postfix

Seems OK (for me)

Received: from ( [91.xx.xx.xx])
        by with ESMTPS id 1si721816wrl.82.2017.
        for <>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 20 Feb 2017 00:00:46 -0800 (PST)

But right : i didn’t find the good way for IPv6