
Reverse DNS (rDNS) is a method used to map an IP address back to a domain name, which is the opposite of the more common process of DNS (Domain Name System) lookup, where a domain name is mapped to an IP address.
How Reverse DNS Works
- Standard DNS Lookup:
- In a standard DNS lookup, you start with a domain name (e.g., example.com), and the DNS resolves this to an IP address (e.g., 192.0.2.1).
- Reverse DNS Lookup:
- In a reverse DNS lookup, the process is reversed. You start with an IP address (e.g., 192.0.2.1), and the rDNS lookup resolves it to a domain name (e.g., mail.example.com).
- This is done using a special domain called in-addr.arpa for IPv4 addresses and ip6.arpa for IPv6 addresses. The IP address is reversed, and a PTR (Pointer) record is created in this domain to point to the domain name.
Example of Reverse DNS
- IP Address: 192.0.2.1
- Reverse DNS Query: A reverse DNS lookup is performed on 1.2.0.192.in-addr.arpa.
- PTR Record: The PTR record for this query might point to mail.example.com.
Uses of Reverse DNS
- Email Validation:
- Reverse DNS is commonly used by email servers to check whether the IP address of the sending server has a PTR record that matches the domain from which the email claims to originate. This helps reduce spam and validate that the sender is legitimate.
- Network Troubleshooting:
- Network administrators use reverse DNS to identify the hostname associated with an IP address, which can be helpful in diagnosing network issues, monitoring traffic, and logging activities.
- Access Control and Security:
- Some services use reverse DNS for access control, ensuring that only connections from specific domain names are allowed. This adds a layer of security by verifying that the IP addresses have valid and expected domain names.
- Improving User Experience:
- Reverse DNS can be used to provide more human-readable information in logs or monitoring tools. For example, instead of seeing an IP address in a log, you might see a domain name, which is easier to interpret.
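The PTR query-name construction from the example above, together with the matching check that mail servers and access-control rules depend on, as an added Python example that is not part of the original page. It goes one step beyond the text by confirming the PTR name with a forward lookup (forward-confirmed reverse DNS), because the PTR record is published by whoever controls the IP address; the function names and the sample tables are constructed for illustration.

```python
import ipaddress
import socket

def reverse_name(ip):
    """PTR query name: reversed octets under in-addr.arpa, reversed nibbles under ip6.arpa."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels, zone = str(addr).split("."), "in-addr.arpa"
    else:
        labels, zone = list(addr.exploded.replace(":", "")), "ip6.arpa"
    return ".".join(reversed(labels)) + "." + zone

def system_ptr(ip):
    """PTR names for ip via the system resolver (empty list when there is no record)."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_forward(name):
    """A/AAAA addresses for name via the system resolver."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def fcrdns(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return the PTR name only if it resolves forward to the same IP, else None.

    The PTR is published by whoever controls the reverse zone for the address,
    so on its own it is just a claim; the forward lookup is what confirms it.
    """
    addr = ipaddress.ip_address(ip)
    for name in ptr_lookup(ip):
        host = name.rstrip(".").lower()
        forward = {ipaddress.ip_address(a.split("%")[0]) for a in forward_lookup(host)}
        if addr in forward:
            return host
    return None

# Constructed sample data (documentation address range), so the demo runs offline.
SAMPLE_PTR = {"192.0.2.1": ["mail.example.com."], "192.0.2.66": ["mail.example.com."]}
SAMPLE_A = {"mail.example.com": ["192.0.2.1"]}

def demo(ip):
    """Run fcrdns against the constructed tables instead of the live resolver."""
    return fcrdns(ip, lambda i: SAMPLE_PTR.get(i, []), lambda n: SAMPLE_A.get(n, []))

if __name__ == "__main__":
    for ip in ("192.0.2.1", "192.0.2.66", "192.0.2.7"):
        print(ip, reverse_name(ip), demo(ip))
```

Calling fcrdns(ip) without the lookup arguments uses the system resolver instead of the constructed tables.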
Configuring Reverse DNS
- PTR Record: To configure reverse DNS, the owner of the IP address (typically an ISP or hosting provider) must create a PTR record in the DNS that points the IP address to the desired domain name.
- Requesting rDNS Setup: If you have a dedicated server or VPS, you may need to ask your hosting provider or ISP to set up reverse DNS for your IP addresses. They will create the necessary PTR records.
Reverse DNS and Email Deliverability
- Importance for Email Servers: Many email providers, including major services like Gmail and Yahoo, check for a reverse DNS record when receiving emails. If the sending server’s IP does not have a valid rDNS entry, the email may be flagged as spam or rejected outright.
- Best Practice: Ensure that your mail server’s IP address has a proper rDNS setup that matches the domain from which you are sending emails. For example, if you send emails from mail.example.com, the reverse DNS for your IP should resolve to mail.example.com.
Limitations
- Not Mandatory: Reverse DNS is not mandatory for all Internet services, and not all IP addresses have an rDNS record configured.
- ISP Control: Since reverse DNS records are controlled by the owner of the IP address (often the ISP or hosting provider), end-users or domain owners may not have direct control over setting up or modifying these records.
What are reverse DNS lookups used for?
Reverse lookups are commonly used by email servers. Email servers check and see if an email message came from a valid server before bringing it onto their network. Many email servers will reject messages from any server that does not support reverse lookups or from a server that is highly unlikely to be legitimate. Spammers often use IP addresses from hijacked machines, which means there will be no PTR record. Or, they may use dynamically assigned IP addresses that lead to server domains with highly generic names.
Logging software also employs reverse lookups in order to provide users with human-readable domains in their log data, as opposed to a bunch of numeric IP addresses.
Conclusion
Reverse DNS plays a crucial role in Internet services, particularly in email validation, security, and network administration. While it’s often used behind the scenes, having a correctly configured rDNS can improve email deliverability, help with network management, and enhance the overall trustworthiness of your IP addresses.