>

Glossary Home

What will I learn?

  1. What is reverse DNS?
  2. PTR records
  3. How is a rDNS lookup performed?
  4. Forward-confirmed reverse DNS process
  5. Why is rDNS important?
  6. Common rDNS issues

Related Content

Glossary Home

Reverse DNS

What is reverse DNS?

Every device or server connected to the internet is assigned an IP address that allows other systems to find and communicate with it. When you type a website URL, the internet’s DNS service looks up the IP address for that domain and loads the site. This process is known as the forward DNS lookup or DNS lookup.

Reverse DNS does the opposite of this—it takes the IP address and locates the corresponding domain.

DNS lookups play an important role in email delivery as well. Recipient servers use them to validate the domain an email is sent from, adding an extra layer of authenticity and helping protect against spam, phishing, and domain impersonation.

PTR records

Forward DNS lookup uses an A record, which is a DNS entry that maps a given domain to its IP address. Reverse DNS lookup, on the other hand, relies on PTR records.

The PTR record maps an IP address back to its corresponding domain. A typical PTR record is in the following format:

<IP address reversed> IN PTR <hostname>

The reversed IP address contains the IP address reversed and a suffix depending on the IP version.

  • For IPv4, the suffix is ".in-addr.arpa".
  • For IPv6, the suffix is ".ip6.arpa".

The hostname indicates the domain that is mapped to the IP address; for example, email.example.com. 

In most cases, the hosting providers set up PTR records on behalf of the users. However, some providers allow domain owners to add these records from the admin panel.

How is a rDNS lookup performed?

When a recipient server receives an email, the reverse DNS lookup is performed in the following manner: 

  • The receiving server takes the sending IP and converts it to the reverse lookup form (89.67.45.321.in-addr.arpa).
  • It then queries the DNS for the PTR record of the IP address.
  • The DNS replies with:
    • The  hostname (success), or
    • NXDOMAIN (no PTR record).

Forward-confirmed reverse DNS process

Some email providers perform a forward DNS query to validate the hostname obtained from the reverse DNS check. This process is called Forward-confirmed Reverse DNS (FCrDNS).  

For example, if the reverse DNS lookup of 123.45.67.89 returns the hostname example.com, and a forward DNS of this hostname resolves back to the same IP, then the FCrDNS is passed—confirming the hostname indeed belongs to the IP.  

If the forward DNS returns a different IP or no A record exists, it may indicate suspicious activity. For instance, a spammer could be attempting to send emails using their IP while claiming to be a legitimate sender. FCrDNS helps validate the hostname and detect such potential misuse.

Why is rDNS important?

Some email service providers perform rDNS checks as part of their spam filtering process. If an incoming email’s IP address doesn’t resolve to a valid domain name, the message may be flagged as potential spam, placed in the junk folder, or rejected. 

A correctly configured PTR record, along with a matching A record, helps receiving servers verify the sender’s identity and detect inconsistencies such as spoofed or forged domains. 

Although PTR records aren’t mandatory like authentication mechanisms such as SPF, DKIM, and DMARC, they complement them to create a more trustworthy email-sending setup.

Common rDNS issues

  • Mismatched forward and reverse DNS: The hostname does not resolve to the same IP.
  • Generic PTR records: PTR points to a generic hostname assigned by the provider (Example: ip-203-0-113-25.hostingprovider.net), instead of your domain. This can occur when your server is new or if you have a shared IP pool. You can fix this by requesting a custom PTR pointing to your mail server's hostname with a matching A record.
    • To check your PTR record, you can run a lookup using the following command in your system terminal:
      • Windows: nslookup <your IP>
      • Mac or Linux: dig -x <your IP>
    • This will return the PTR record assigned for you.
  • Incorrect delegation or missing PTR record: PTR records required for rDNS lookups are stored in reverse DNS zones, controlled by the provider who owns the IP address. If these zones aren’t configured properly, rDNS lookups fail because the DNS system cannot find the PTR record.
    • To check if your PTR record is configured properly, you can perform a reverse DNS lookup on your IP. If it returns the expected hostname, the PTR record exists and the reverse zone is likely delegated correctly.
    • If not, it could mean the PTR hasn’t been created or the reverse zone is incorrectly delegated.
    • In either case, you should contact your hosting or IP provider to verify the configuration and add or correct the PTR record.