Reverse DNS (rDNS)

Reverse DNS (rDNS) is a technique used to map an IP address to a domain name using a Pointer (PTR) record. It involves querying the DNS system in reverse, starting with the IP address, to retrieve the associated domain name(e.g. 127.0.0.1 -> localhost). Reverse DNS is commonly used for verifying server identities, preventing email spam, and troubleshooting network issues.

What is a reverse DNS record used for?

A reverse DNS record, also known as a PTR (Pointer) record, is used for reverse DNS lookups. It associates an IP address with a domain name, enabling identification of the domain name associated with a given IP address. Reverse DNS records are primarily used for verification of server identities, preventing email spam, troubleshooting network issues, and establishing trust in various online services.

Why should an email server have a valid Reverse DNS record?

An email server should have a valid Reverse DNS (rDNS) record for several important reasons:

• Authenticity Verification: Many email servers perform reverse DNS lookups to validate the authenticity of the sending server. They compare the PTR record associated with the server’s IP address to the hostname used in the HELO/EHLO greeting. A valid rDNS record confirms that the server is correctly identified and reduces the likelihood of email being flagged as spam or rejected.

• Spam/Junk Prevention: Email spam filters often use rDNS as a factor in determining the credibility of the sending server. Lack of a valid rDNS record or a mismatch between the PTR record and server hostname can trigger suspicions and increase the chances of email being classified as spam.

• Email Deliverability: Some email service providers and recipient servers use rDNS to assess the reputation and trustworthiness of the sending server. A valid rDNS record enhances the server’s reputation, thereby improving the chances of successful email delivery.

• Sender Reputation: A valid rDNS record contributes to the overall sender reputation. It demonstrates that the server is correctly configured, follows best practices, and is less likely to be associated with abusive or fraudulent activities. Positive sender reputation leads to improved email deliverability and avoids being blacklisted.

• Reverse Tracing: With a valid rDNS record, recipients can trace the origin of an email back to the domain associated with the IP address. This assists in identifying the sender and verifying the legitimacy of the sending server.

In summary, having a valid Reverse DNS record for an email server is essential for maintaining email deliverability, preventing spam, establishing server credibility, and aiding in sender identification. It helps ensure that legitimate emails reach their intended recipients and builds trust in the email communication ecosystem.

Where can I set a reverse DNS record for an IP address?

Setting a reverse DNS (rDNS) record for an IP address typically involves working with the entity that manages the IP address block or the DNS configuration for that IP address. The specific process and options for setting a rDNS record may vary depending on your situation. Here are some common scenarios:

• Internet Service Provider (ISP): If you are using an IP address provided by your ISP, you will typically need to contact them and request a rDNS record change. They will have the necessary control over the DNS configuration for the IP address block and can assist you in setting up the rDNS record.
• Hosting Provider: If you have a dedicated server or virtual private server (VPS) from a hosting provider, you may have access to manage your DNS settings. In such cases, you can usually set the rDNS record yourself through the hosting provider’s DNS management interface or control panel.

It’s important to note that the exact steps and procedures may vary depending on your specific situation and the organization responsible for managing the DNS configuration of your IP address.

How can I check a reverse DNS record?

You can check a reverse DNS entry by querying an IP address with an according parameter of your favorite DNS tool.

To have a valid setup let’s take a look at a typical email provider like GMX and query their mail out DNS record for an IP address:

$ dig a mout.gmx.net

;; QUESTION SECTION:
;mout.gmx.net.			IN	A

;; ANSWER SECTION:
mout.gmx.net.		78401	IN	A	212.227.15.18
mout.gmx.net.		78401	IN	A	212.227.17.22
mout.gmx.net.		78401	IN	A	212.227.17.21
mout.gmx.net.		78401	IN	A	212.227.15.15
mout.gmx.net.		78401	IN	A	212.227.15.19
mout.gmx.net.		78401	IN	A	212.227.17.20

As the next step use one of the IP addresses to make a reverse DNS lookup:

$ dig -x 212.227.15.18

;; QUESTION SECTION:
;18.15.227.212.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
18.15.227.212.in-addr.arpa. 79656 IN	PTR	mout.gmx.net.

As most IP addresses have a valid reverse DNS record, you can try one by your own to get a better understanding.