DNS problems affecting e-mail delivery: PTR records

Having outgoing e-mail rejected due to domain name system configuration issues is a common problem that Internet e-mail server administrators face. There are eight things you can check to make sure that you're DNS is configured for optimum delivery. I will be covering a different item in each day of this series.

Does a DNS PTR record exist for your IP address?

For maximum delivery, you should make sure that the public IP address used by your outgoing e-mail server to connect to remote e-mail servers has a DNS PTR record that resolves it to a hostname. The PTR record is a pointer record in the in.addr-arpa infrastructure domain that maps the IP address to a hostname.

In order to create or change this PTR record, you will typically need to contact the owner of the IP address that you have been assigned. Most e-mail server administrators do not own their own IP addresses, but instead lease IP address space from their Internet service providers. If you don't know who to contact about your IP address's PTR record, you can probably get started in your sleuthing by contacting your ISP.

You can check whether your e-mail server's public IP address has a PTR record using the "host" command on UNIX/Linux. Below is an example using the example public IP address of 1.2.3.4.

host 1.2.3.4

If you have a working PTR record, you'll get a result similar to the following. Note that the IP address is reversed and turned into a hostname in the in-addr.arpa domain for the lookup.

4.3.2.1.in-addr.arpa domain name pointer smtp.example.com.

If you don't have a PTR record, you'll get back a result similar to the following:

Host 4.3.2.1.in-addr.arpa not found: 3(NXDOMAIN)

To do this search on Windows, you can use the "nslookup" command from a command prompt window:

nslookup 1.2.3.4

If you have a working PTR record, you'll get back a result similar to the following:

Name: smtp.example.com
Address: 1.2.3.4

If you don't have a working PTR record, you'll get back a result like this:

*** UnKnown can't find 1.2.3.4: Non-existent domain

Although no Internet standard requires this PTR record to be created, section 2.1 of informational RFC 1912 says that all IP addresses should have a PTR record. Section 3.5 of STD 13 actually doesn't require PTR records for all IP addresses, but indicates that they should be created for the IP addresses of gateways and nodes to support mapping them to a domain. As a result, you might create PTR records for all IP addresess in use to support this mapping. Many recipient e-mail servers will reject your e-mail for policy reasons if you don't have this PTR record, and will often mistakenly cite an RFC 1912 "violation".

It's important to note that many people mistakenly refer to a DNS PTR record as "reverse DNS". If someone tells you that your "reverse DNS isn't configured correctly", they're probably referring to a missing PTR record. There is actually no such thing as "reverse DNS", and "inverse DNS" is something all together different than a PTR record.

Other articles in this series:

DNS problems affecting e-mail delivery : mailserver name

DNS problems affecting e-mail delivery: sender domain