Pointer Record (PTR)

A PTR record (Pointer record) is a type of DNS record used to map an IP address to a domain name (e.g. 127.0.0.1 -> localhost). It enables reverse DNS (rDNS) lookup, allowing you to find the associated domain name for an IP address.

What is a Pointer Record (PTR) used for?

A PTR record is used for reverse DNS lookups. It associates an IP address with a domain name, enabling identification of the domain name associated with a given IP address. PTR records are commonly used for verifying server identities, preventing email spam, and troubleshooting network issues.

Why should an email server have a valid PTR record?

Having a valid PTR record for an email server is important for several reasons:

• Reverse DNS Lookup: Many email servers perform reverse DNS lookups to verify the authenticity of the sending server. They check if the PTR record for the server’s IP address matches the hostname used in the HELO/EHLO greeting. A valid PTR record adds credibility and helps prevent email from being flagged as spam or rejected.
• Spam/Junk Prevention: PTR records play a role in spam filtering. Many spam filters consider the absence or mismatch of PTR records as suspicious. Having a valid PTR record improves the reputation of the email server and reduces the chances of emails being marked as spam.
• Email Deliverability: Some email service providers and recipient servers use PTR records to evaluate the reputation of the sending server. A valid PTR record helps establish trust and enhances the chances of successful email delivery.
• Server Identification: PTR records allow recipients to identify the domain associated with an IP address. This helps in tracing the origin of emails and verifying the legitimacy of the sending server.

In summary, a valid PTR record for an email server is crucial for maintaining email deliverability, preventing spam, establishing server credibility, and aiding in troubleshooting and identification.

Where can I set a PTR record for an email server?

The ability to change a PTR record for an email server depends on your level of control over the DNS configuration of the IP address in question. Generally, the PTR record is managed by the organization or service provider that controls the IP address block.

Can I change a PTR record for an email server?

If you have control over the DNS configuration, you can request a change to the PTR record through the entity responsible for managing the IP address or the DNS settings. However, changing a PTR record for an email server should be approached with caution, as it can have the following consequences:

• Email Deliverability: Modifying the PTR record can impact email deliverability. If the new PTR record is not properly set up or does not align with the server’s hostname, it may trigger spam filters, leading to emails being flagged or rejected.
• Reverse DNS Lookup Validation: Changing the PTR record may temporarily disrupt reverse DNS lookup validation. During the propagation period, receiving servers may not recognize the new PTR record, potentially causing delivery issues.
• Reputation Impact: Altering the PTR record can affect the reputation of the IP address and the associated domain. If the change is not handled correctly, it may negatively impact the server’s reputation, leading to deliverability problems.
• Time and Propagation: It’s important to note that DNS changes, including PTR records, require time for propagation across the DNS infrastructure. During this period, the old PTR record may still be cached by some DNS resolvers, causing inconsistency in lookup results.

To minimize any negative consequences, it’s advisable to leave a PTR record - even on a change of a company name. If you have several servers setup for the same purpose, you can change one server and slowly rise traffic of the server to see whether it has any consequences.

How can I check a PTR record?

You can use dig (dnstools) to chec a ptr record of an IP address.

First of all query a valid mail server for an A (IPv4) or AAAA (IPv6) record like from web.de:

$ dig a mout.web.de

;; QUESTION SECTION:
;mout.web.de.			IN	A

;; ANSWER SECTION:
mout.web.de.		61	IN	A	212.227.15.4
mout.web.de.		61	IN	A	217.72.192.78
mout.web.de.		61	IN	A	212.227.17.12
mout.web.de.		61	IN	A	212.227.15.6
mout.web.de.		61	IN	A	212.227.15.14
mout.web.de.		61	IN	A	212.227.15.5
mout.web.de.		61	IN	A	212.227.15.3
mout.web.de.		61	IN	A	212.227.17.11

As next step, use one of the IP addresses listed to query the corresponding PTR record asking for the IP address:

$ dig -x 212.227.15.4

;; QUESTION SECTION:
;4.15.227.212.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
4.15.227.212.in-addr.arpa. 82994 IN	PTR	mout.web.de.

As you can see, the same domain can point to the same domain name.