DNS7 min read

What Is Reverse DNS? PTR Records Explained

Reverse DNS maps IP addresses back to domain names — the opposite of a normal DNS lookup. PTR records power this process and are critical for email deliverability and server identity.

Standard DNS resolves domain names to IP addresses. Reverse DNS does the opposite — it maps an IP address back to a domain name. While often overlooked, reverse DNS plays a critical role in email delivery, security logging, and server identification. The mechanism behind it is the PTR record, stored in a special zone of the DNS namespace.

What Is Reverse DNS?

Reverse DNS (rDNS) is a DNS lookup that takes an IP address as input and returns a domain name as output. Where a forward DNS lookup resolves showdns.net → 93.184.216.34, a reverse DNS lookup resolves 93.184.216.34 → showdns.net.

This is not just a technical curiosity. Reverse DNS is used by:

  • Mail servers — to verify that the sending server's IP resolves back to the domain it claims to be sending from.
  • Security and logging tools — to turn raw IP addresses in log files into readable hostnames.
  • Network diagnostics — tools like traceroute use reverse DNS to display hops as hostnames.
  • Spam filters and blacklists — missing or mismatched rDNS is a common spam signal.

What Is a PTR Record?

A PTR record (Pointer record) is the DNS record type used for reverse DNS. It is stored in a special reverse DNS zone and maps an IP address to a domain name (hostname). PTR records are the inverse of A records — while an A record maps example.com → 1.2.3.4, a PTR record maps 1.2.3.4 → example.com.

For a PTR record to be valid, there should also be a corresponding forward DNS record (A or AAAA) that resolves the hostname back to the same IP. This forward-confirmed reverse DNS (FCrDNS) is what mail servers typically verify.

What Is in-addr.arpa?

Reverse DNS records live in a special domain of the DNS namespace: in-addr.arpa. To perform a reverse lookup, the IP address is reversed and appended to .in-addr.arpa. For example, to look up the PTR record for 93.184.216.34:

  1. Reverse the octets: 34.216.184.93
  2. Append .in-addr.arpa: 34.216.184.93.in-addr.arpa
  3. Query the DNS system for the PTR record at that name.
bash
# Reverse DNS lookup using dig dig -x 93.184.216.34 # Or query the PTR record directly dig 34.216.184.93.in-addr.arpa PTR # Using nslookup nslookup 93.184.216.34

IPv6 Reverse DNS: ip6.arpa

For IPv6 addresses, the equivalent zone is ip6.arpa. The process is similar but uses the full nibble-reversed hexadecimal representation of the address. For example, the IPv6 address 2001:db8::1 becomes 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.

Who Controls Reverse DNS?Reverse DNS zones are delegated to IP address owners — typically ISPs and hosting providers, not domain owners. If you run a server on a dedicated IP, you must contact your hosting provider or ISP to set the PTR record. You cannot set it yourself through your domain registrar.

Reverse DNS and Email Deliverability

One of the most important use cases for reverse DNS is email deliverability. When your mail server sends an email, the receiving server checks whether the sending IP address has a valid PTR record, and whether that PTR record points to a hostname that resolves back to the same IP (FCrDNS).

Without a valid rDNS record, your emails are far more likely to be:

  • Rejected outright by servers with strict policies.
  • Classified as spam by filters like SpamAssassin.
  • Listed on IP-based blacklists.

Major email providers including Gmail, Outlook, and Yahoo apply rDNS checks as part of their anti-spam measures. A well-configured PTR record that matches your sending domain is a baseline requirement for reliable email delivery.

Check Your Mail Server's rDNSUse the ShowDNS DNS Lookup tool to query the PTR record for your mail server's IP address and verify it resolves correctly. Also check your MX records with the MX Lookup tool to confirm your mail routing is properly configured.

How to Set a PTR Record

Setting a PTR record requires working with whoever controls the IP address block — not your domain registrar. The typical process is:

  1. Identify your IP address — the public IP of your mail server or web server.
  2. Contact your hosting provider or ISP — most providers have a control panel, support ticket, or API for setting PTR records on dedicated IPs.
  3. Specify the hostname — provide the fully qualified domain name (FQDN) you want the IP to resolve to, such as mail.example.com.
  4. Create the matching forward record — ensure that mail.example.com has an A record pointing back to the same IP.
  5. Verify — use dig -x <IP> or the ShowDNS DNS Lookup tool to confirm the PTR record is live.

Common Reverse DNS Issues

  • No PTR record — the IP has no reverse DNS entry. Most likely to cause email delivery problems.
  • PTR record does not match forward DNS — the PTR points to a hostname that does not resolve back to the same IP. Fails FCrDNS checks.
  • Generic PTR record — many hosting providers assign generic PTR records like 93.184.216.34.static.example-isp.com. This is better than nothing but not ideal for mail servers.
  • Multiple PTR records — while technically allowed, having multiple PTR records for a single IP can cause confusion and inconsistent behaviour.

Checking Reverse DNS

bash
# Check reverse DNS for an IP using dig dig -x 8.8.8.8 ;; ANSWER SECTION: 8.8.8.8.in-addr.arpa. 21599 IN PTR dns.google. # Check using host command host 8.8.8.8 # 8.8.8.8.in-addr.arpa domain name pointer dns.google.

Frequently Asked Questions

What is the difference between forward DNS and reverse DNS?

Forward DNS resolves a domain name to an IP address (e.g., example.com → 93.184.216.34). Reverse DNS resolves an IP address to a domain name (e.g., 93.184.216.34 → example.com). Forward DNS uses A and AAAA records; reverse DNS uses PTR records in the in-addr.arpa or ip6.arpa zones.

Can I set a PTR record through my domain registrar?

No. PTR records are controlled by whoever owns the IP address block, not the domain owner. You must contact your hosting provider, VPS provider, or ISP to configure PTR records. Many managed cloud providers (AWS, DigitalOcean, Linode) offer self-service PTR configuration in their control panels.

Does every IP address need a PTR record?

For servers that send email, a PTR record is effectively required. For web servers, it is optional but recommended for professionalism and security logging. For end-user devices on dynamic IPs, PTR records are typically not set or are set to generic ISP hostnames.

What is FCrDNS?

FCrDNS stands for Forward-Confirmed reverse DNS. It means the PTR record for an IP resolves to a hostname, and that hostname's A record resolves back to the same IP. This bidirectional verification is what mail servers check to confirm a server is legitimate.

How long does it take for a new PTR record to propagate?

PTR records propagate like any other DNS record, based on the TTL assigned by the provider. Most hosting providers set PTR TTLs between 300 and 3600 seconds. After your provider sets the record, it should become visible within a few minutes to a few hours depending on caching.

Related Articles