Reverse DNS lookups are conducted by mail servers to make sure that the other mail server they are dealing with is who they say they are. Basically, this record tells other mail servers that the IP of your mail server is authoritative for sending and receiving mail for your domain.
This tutorial will guide you through setting up reverse DNS in Constellix. The basic steps are as follows:
Contact your IP provider to request your IP’s reverse DNS zone.
Then request delegation of your reverse DNS to Constellix name servers where you are provided with your reverse DNS domain.
Create your reverse DNS domain in Constellix.
Create necessary PTR records within your reverse DNS domain.
Step 1: Request Zone from ISP
First, you need to obtain the IP address of your mail server.
You will need to find out who owns your IP block (usually this is your ISP or hosting provider).
NOTE: You can determine the owner of an IP address by performing a WHOIS search on the IP in question using this free tool.
Contact your ISP (or whoever owns your IP block) and request a zone for your mail server’s IP address.
This zone is actually a special reverse DNS domain that ends in “in-addr.arpa”. The numbers that precede the “in-addr.arpa” are actually your IP block with the octets reversed.
So “1.168.192.in-addr.arpa” would be the reverse DNS for the 192.168.1 class C. Meaning this reverse DNS zone would handle the reverse DNS for IPs 192.168.1.0 to 192.168.1.255.
If your IP block is smaller than a class C then your zone might look like this “27/1.168.192.in-addr.arpa” or “0-22.214.171.124.in-addr.arpa”. The difference is just the syntax.
NOTE: You must create your domain within Constellix using the exact same syntax your ISP or hosting provider used to delegate it.
IP block's that are a full class C, the syntax of delegation is 147.94.208.in-addr.arpa. If your reverse DNS domain is not configured within Constellix yet, the name servers you provide for delegation may be different.
If your reverse DNS domain is not configured within Constellix yet, the name servers you provide for delegation may be different.
Step 2: Request Reverse DNS Delegation
Then you will need to ask your ISP to delegate reverse DNS to your DNS provider; much like your registrar delegates any requests for your DNS information to your DNS provider.
You will need to provide your ISP with the nameservers for your domain.
Usually, an ISP or hosting company will only delegate the reverse DNS if you have 254 IPs (a full class C) or more, but some companies have been known to make an exception.
If your provider will not delegate the reverse DNS to Constellix then there is no reason to continue this tutorial. You can request they set up the reverse DNS for you and they will host your PTR records.
Step 3: Create Reverse DNS Domain
In your DNS provider’s control panel, you will create a new domain/zone with the information provided by the ISP. In this tutorial we will show you how to create a reverse DNS domain/zone in the Constellix control panel.
1. At the top of the control panel, click the Dashboard menu and select Add Domain.
2. Enter the zone you received from your ISP (or owner of your mail server’s IP block) and click "Save"
3. After you have added your reverse DNS domain into the Constellix system you are provided with a list of name servers that your reverse zone is assigned. These must match the Constellix name servers that you requested delegation.
Step 4: Create PTR Record
Within the zone you just created, add a PTR record.
Go to DNS menu and select Managed DNS.
2. Either search for or select the domain you just created.
3. Click the ( + ) icon in the PTR records table to add a new record.
4. Enter the following values for the PTR record:
A. The name value of the PTR record will be the last octet of your mail server’s IP address. In this example, our IP address is: 126.96.36.199 so the last octect would be ’70’.
B. For the system field, you will enter the hostname of the A record you are using to point to your mail server and append it with a dot. In this example, we already created an A record called mail, so the hostname would be mail.mydomain.com.
C. Enter a TTL for your record.
D. Save your record.
Side note: Most mail servers don’t care where the PTR points too. They just want to see that the ISP has delegated the reverse DNS to your provider and that you have a PTR record for your delegated zone with the name of your IP address.
When a mail server performs a reverse DNS lookup it will initiate a three-way handshake:
The forward DNS must match the reverse DNS.
The reverse DNS must resolve to the mail server’s IP address.
The reverse DNS must match the fully qualified domain name (FQDN) of the email header.