Creating a Reverse DNS record

When you enter a domain name into your browser, the DNS system will find the IP address of the server the domain is associated with.

A reverse DNS lookup does the opposite. It establishes what domain is associated with the IP address. This is a useful setting to configure for anyone but essential for those running a mail server for example.


Why?

As mentioned, it is an essential setting for those running a mail server as many recipient servers will reject, or mark as spam, all email that originates from an 'unauthenticated' server.

This basically means that once the sending IP address has been checked, if the Reverse DNS does not match the sending domain, then it is classed as 'unauthenticated'.

I put 'unauthenticated' in quotes as it is does not guarantee acceptance of email or anything like that. It's just that non-matching or generic RDNS settings are often rejected out of hand.

It can also be very useful (and was the original driving force of RDNS) when tracking down network issues. When 'pinging' a website or IP address, one part of the output is the server's RDNS record.

Let's go ahead and set it for our Slice.

Log on

As you would imagine, we need to log into the SliceManager at https://manage.slicehost.com.

DNS Panel

Once logged in, click the DNS tab were you will be faced with this:

Reverse DNS

Next click the 'Reverse DNS' link.

You will see a simple page with a generic RDNS already set:

That may be fine for some, but let's go ahead and customise it.

Custom Record

In this example, I will set the RDNS to 'mail.mynewdomain.com' which would coincide with my mail server:

Fairly simple.

Saved Record

Once saved, you can check the entry or, indeed, change it whenever you want to:

Summary

Setting an RDNS is essential for anyone running a mail server and desirable for the rest of us.

Luckily, the SliceManager makes this configuration nice and easy.

PickledOnion.

Article Comments:

Vicente commented Thu Oct 25 12:34:40 UTC 2007:

Hi, I think I found a mistake in the reverse DNS mapping, if IP is 208.75.84.20 the record should be written with the reverse ip like this: 20-84-75-208.slicehost.net

PickledOnion commented Thu Oct 25 19:41:50 UTC 2007:

Hi Vicente,

The record shown in the DNS panel is only the name of the record.

The in-addr.arpa record is, indeed reversed,

So if I did an nslookup on the IP address shown, part of the output would be:

nslookup 208.75.84.20 ... Non-authoritative answer: 20.84.75.208.in-addr.arpa name = mail.mynewdomain.com.

So the arpa address is reversed.

One way to look at it is the record name is the 'human version', just as having an actual domain name is only of use to us humans.

PickledOnion.

Melissa commented Mon Nov 05 14:37:32 UTC 2007:

I understand how it all works, however, recently AOL has been rejecting any emails when the RDNS comes back with "in-addr.arpa name" regardless of if the domain name given matches or not. They are saying that "in-addr.arpa name" is not a valid RDNS... any ideas on a work-around? Thanks!

Michael commented Fri Dec 14 19:30:43 UTC 2007:

If I have two domains on a slice, what are the implications for RDNS? Is it possible to configure in this way?

Dru commented Mon Dec 24 12:58:52 UTC 2007:

This is something I would like to know too as there doesn't appear to be any way of adding more than one record (unless a wildcard is possible?)

Erik commented Wed Jan 16 20:31:25 UTC 2008:

Having multiple domains is no issue. Your IP should have a reverse, and that reverse should return back to the IP.

You might have zillions of other records that point to the same IP. That's fine.

So: if the reverse of IP X maps to name Y, name Y must resolve to IP X. That there is a name A,B and C that also resolve to X, doesn't matter. There is no requirement for having a reverse record for all your forward records.

Paul commented Thu Apr 03 08:42:44 UTC 2008:

Based on what I have read on the Wikipedia article, it doesn't matter too much the domain you return here as long is at it resolves back to the same IP address.

If this is the case, there really shouldn't be a problem with serving email from multiple domains on a single server (single IP address) as the validation does not enforce that the address domain be the same as that returned by the reverse dns query.

Correct me if I am wrong... I am just a curious learner in the networking arena.

Marcus commented Mon Apr 14 10:02:18 UTC 2008:

Regarding the multiple domains questions. What if I am hosting multiple mail domains? Do I then need more than one RDNS to avoid mail being rejected?

Real Estate commented Thu Jun 12 12:23:35 UTC 2008:

If I understood correctly, only on IP can have only one reverse domain.

eg 1.1.1.1 reverses to a.com even if b.com is on that IP it can't reverse to that IP as it cant have more than 1 record , is this correct ?

someguy commented Fri Jun 13 19:19:29 UTC 2008:

So if I'm having an outside service handle my DNS, will reverse DNS still be served by slicehost, or do I need to use that same outside service for my reverse-DNS too?

(@Real Estate: yes, correct, afaik.)

Lakshan commented Mon Jun 23 21:40:28 UTC 2008:

I've changed the rDNS value of my slice 2 days ago, but still the changes are not propagated..Normally how long it will take to reflect the changes of rDNS ?

Michael Klett commented Wed Jul 09 13:02:47 UTC 2008:

Same question as @someguy. I think that you would still have slicehost handle the reverse, because otherwise they would have to delegate an entire IP block (you and a lot of other people) to your third party DNS.

Is that right?

Satyen commented Thu Aug 28 12:00:55 UTC 2008:

Hi,

I have web server and mail server running on the same hardware machine. My domain name and mail server name pointing to sameip. E.g. Mydomain.com - 1.2.3.4 mail.mydomain.com - 1.2.3.4

Now few of the mail providerconsidering the mails sent from my site as spam so, i want to create a rDNS.

Should i create a rDNS for my mail server (mail.mydomain.com) or my main domain name(mydomain.com) ? Please suggest.

Thanks

chovy commented Sun Nov 02 02:41:37 UTC 2008:

I am curious too about sending mail from more than one domain...I plan on having a few apps hosted on the one slice, with different domains, and each will send account activation emails.

Its seems odd that the reverse of webmaster@foo.com's IP would be mail.bar.com

(rather new to mail hosting - my apologies)

bd commented Thu Jan 08 21:09:42 UTC 2009:

You should configure your reverse DNS to match what your mail transport says is your hostname. You can find out what your mail transport says by reading a mail sent from your system and look at the headers in the mail for things like: Received: from yourdomain.com (yourdomain.com [69.25.74.166]) by yourotherdomain (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id ab2ba3b2ba

Mohammad Elkersh commented Mon Apr 06 10:06:22 UTC 2009:

How should I configure this value if i am using google apps to handle my mails??

ricky commented Fri May 29 07:59:34 UTC 2009:

Hi,

I am kind of confusing on which ip should i put for PTR. I hv a firewall with One-to-One Mapping for all servers. For example: Firewall (external ip 222.22.2.1), Mail server (external ip 222.22.2.2). Since all the packets are leaving from the firewall so that every single mail that we'd sent out, the mail's header will shows firewall's ip. so which ip should i put for PTR? FW (222.22.2.1) or mail server (222.22.2.2)?

Thanks in advance~~!

Ricky

Want to comment?


(not made public)

(optional)

(use plain text or Markdown syntax)