What is Reverse DNS?

A Reverse DNS is usually a premium feature inside a paid managed DNS plan. It is a service that is mostly directed towards IP network owners and offers IP address to domain resolving. Other business owners might also be interested in it because that way, their emails have a better chance of not going to the spam folder. 

Reverse DNS explained 

Reverse DNS, also known as rDNS, does the opposite to a Forward DNS, which is to map IP addresses to hostnames. The purpose of the Reverse DNS is to provide a way to verify the IP addresses and confirm that they are related to a particular domain name. It is especially important when we are talking about the verification of mail servers or other services. 

If you can’t verify, it is safer to mark it as dangerous, and this is what many servers could do if there is not Reverse DNS zone to be checked. 

In short:

In Forward DNS, a domain name is pointing to an IP address where it is hosted.

In Revere DNS, An IP address is pointing to a domain name to verify it belongs to it.  

Master Reverse Zone

To be able to use Reverse DNS, you will need to create Master Reverse Zone. You will need to add the IP address in reverse. The Reverse DNS can work both with IPv4 addresses as well as IPv6 addresses. Later you can add the PTR DNS record. The Master Reverse Zone will be the environment where the PTR record can exist. 

*You will need a Master DNS zone with A or AAAA records too. 

PTR record

This record, also known as pointer record, has the mapping that we need: IP address to hostname. 

You will need an A or AAAA record for each PTR record. 

You will need the PTR records and the Reverse Zone to verify the outgoing mail servers. There will be a check of both the PTR records and the A records during the process. 

If you don’t set up your DNS records appropriately, your emails will most probably go to the spam folders. 

Slave Reverse Zone

You can also have Slave Reverse Zone, which will be just a copy of the Master. A Slave Zone is always read-only, so the changes will always be made only in the Master. 

The Slave Reverse Zone could serve to provide redundancy or faster response if it is in a DNS server closer to the users. 

How to check the Reverse DNS and the PTR records? 

We will use 3.4.5.6 as the IP address for the examples. Put the one you like in its place for your lookups. 

On Linux and macOS, you can do it with the Dig command or with the Host command. For both, you will first need to open the Terminal. 

Dig command:

dig –x 3.4.5.6 

Host command:

host 3.4.5.6

On Windows, you can use the Nslookup. Open the Command Prompt and use this command:

nslookup 3.4.5.6 

In all of the cases, the result will be the PTR record, if it exists. Inside it, you can see the hostname. 

Browser:

You can use any device with internet connectivity and a web browser. There are various sites for that purpose, but you can try WhatIsMyIP.com. On the site, navigate to the “Reverse DNS Lookup”. Then put the IP address in the empty field and press “Lookup”. The result will be the domain name that corresponds to the IP address. 

Performing a Reverse DNS Lookup can be useful for:

  • Verification if you have properly created your Reverse zone and PTR records. So you won’t have problems with sending emails. 
  • Find spam emails. You can back check the IP address of a suspicious email that you got. After the lookup, you will see the domain from which it was sent, and if it does not sound like a legit domain name, it probably is not. 
  • See, from where does your audience comes. You can check the individual IP addresses of your site’s visitors. You won’t get personal data, but there is enough useful information – geographical data and their ISP. Use can use the data for your marketing. 

How does a Reverse DNS Lookup works? 

If a Reverse DNS Lookup searches everywhere for your query, it will take a lot of resources. This is why there are 2 dedicated domains: for IPv4 address is in-addr.arpa, and for IPv6 address is ip6.arpa. There are 3 subdomains too: rDNS subdomain 1 follows in-addr.arpa or ip6.arpa, and it is the first part of the IP address; rDNS subdomain 2 is the second part of the IP address; rDNS subdomain 3 with the last part of the IP address. 

That way, each Reverse Lookup gets resolved fast in 3 steps or less. 

Why should we care about Reverse DNS?

If humans only care about the Forward DNS (domain name to IP address), the machines really care about Reverse DNS (IP address to the domain name). 

Provide trust a verify services

Without it, services can’t be verified and can’t work as expected. What does not get verified gets blocked or put in a SPAM if it is an email. 

So, businesses need it to show that it is really they, behind the particular domain name. To show that everything is trustable and there are no problems with the services regardless of the name servers’ authenticity. 

Reverse DNS and email

Not having Reverse DNS and no PTR records configured correctly will mean that all the emails that you are sending will go directly to the SPAM folder. If the verification fails, it is a lot better to discard emails than to have the risk of emails from an unverified source. 

Conclusion

The existence of Reverse DNS is very important for verification purposes. It shows that some IP addresses are really connected with a particular domain, and the services could be trusted and use. Without it, services might not function at all.

  

Leave a Reply

Your email address will not be published. Required fields are marked *