Fixing Reverse DNS
From Computer Tyme Support Wiki
Fixing your Revers DNS (RDNS)
One of the big problems with email these days is spam and to fight spam many services like us at Junk Email Filter rely on Reverse DNS to get information about the IP address of the email server that is trying to connect to us. If we can't read your reverse DNS your email will probably get through but if you have any other problem in addition to bad RDNS then your email might get blocked or delayed. And neither you or us want that to happen.
As we all know reverse DNS is tricky and if you are reading this you might have a problem you need to solve. You might think your reverse DNS is right but it might not be. There are two things you need to get right in order for RDNS to work correctly. You need:
- A PTR record that returns a NAME for the IP address that is being looked up.
- The name that is looked up must resolve back to the same IP address. The goal is:
IP -> NAME NAME -> IP
Often the second one is done improperly causing the RDNS to fail.
For example. suppose your IP address is 18.104.22.168. Running dig (a Linux command line utility) returns:
dig -x 22.214.171.124 ;; ANSWER SECTION: 126.96.36.199.in-addr.arpa. 1019 IN PTR smtp166.junkemailfilter.com.
This is correct. Now we look up smtp166.junkemailfilter.com
dig smtp166.junkemailfilter.com ;; ANSWER SECTION: smtp166.junkemailfilter.com. 7200 IN A 188.8.131.52
You'll notice that it resolves back to the same IP address. This is very important because it prevents other's from spoofing your domain.
184.108.40.206 -> smtp166.junkemailfilter.com smtp166.junkemailfilter.com -> 220.127.116.11
Testing your Reverse DNS
You can check the reverse DNS of an IP address here.
Many people think their RDNS is correct but they make common mistakes such as:
- The name returned resolves to a different IP address than the original.
- The name returned doesn't resolver to anything.
For example, suppose your IP is 18.104.22.168 and you set the PTR record to return mail.mydomain.com. When someone looks up the RNDS for 22.214.171.124 they get mail.mydomain.com. But when they look up mail.mydomain.com it returns 126.96.36.199 which is not 188.8.131.52, or even worse, the name doesn't resolve at all.
To fix the problem you would have to make sure that mail.mydoimain.com resolves to 184.108.40.206.
If you make these changes and you get it right then you will have a much easier time not only delivering email to us but also to thousands of other email servers that have the same issues we do. We hope this information is helpful in resolving your RDNS problem.