Solved

DNS, reverse lookup and PTR records

Posted on 2014-04-22
3
746 Views
Last Modified: 2014-05-12
Question: Secure services in your network require reverse name resolution to make it more difficult to launch successful attacks against the services. To set this up, you configure a reverse lookup zone and proceed to add records. Which record types do you need to create?
Answer: PTR Records


I setup small business 2003 which comes with exchange built in for client once. Before my arrival he said everytime he would send an email to an AOL email address he would recieve a  bounce back message.

I then read on the internet that I have to create a PTR record - and that can only be done by the broadband company. I then left the company and never understood the whole thing.

Can some one explain what exactly a PTR record is? what is it so necessary?
0
Comment
Question by:Ikky786
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 167 total points
ID: 40014161
Below are the DNS records for Microsoft.com.  You can see that each of the 'nameservers' and the main 'microsoft.com' site have PTR records associated with them.  It is basically a way to cross check that the remote IP is valid for the domain.
1	microsoft.com	NS	ns5.msft.net	65.55.226.140		Answer	
2	microsoft.com	NS	ns1.msft.net	65.55.37.62		Answer	
3	microsoft.com	NS	ns2.msft.net	64.4.59.173		Answer	
4	microsoft.com	NS	ns3.msft.net	213.199.180.53		Answer	
5	microsoft.com	NS	ns4.msft.net	208.76.45.53		Answer	
6	microsoft.com	MX	microsoft-com.mail.protection.outlook.com	207.46.163.215	Preference: 10	Answer	
7	microsoft.com	A	microsoft.com	65.55.58.201		Answer	
8	microsoft.com	A	microsoft.com	65.55.58.201		Answer	
9	microsoft.com	CNAME			Error 9501: No records found for given DNS query.		
10	microsoft.com	SOA	ns1.msft.net	65.55.37.62	Admin: msnhst.microsoft.com, Default TTL: 3600, Expire: 2419200, Refresh: 300, Retry: 600, Serial: 2014042103	Answer	
11	microsoft.com	TEXT			v=spf1 include:_spf-a.microsoft.com include:_spf-b.microsoft.com include:_spf-c.microsoft.com include:_spf-ssg-a.microsoft.com include:spf-a.hotmail.com ip4:147.243.128.24 ip4:147.243.128.26 ip4:147.243.128.25 ip4:147.243.1.47 ip4:147.243.1.48 ~all	Answer	
12	microsoft.com	TEXT			FbUF6DbkE+Aw1/wi9xgDi8KVrIIZus5v8L6tbIQZkGrQ/rVQKJi8CjQbBtWtE64ey4NJJwj5J65PIggVYNabdQ==	Answer	
13	140.226.55.65.in-addr.arpa	PTR	ns5.msft.net	65.55.226.140		Answer	
14	62.37.55.65.in-addr.arpa	PTR	ns1.msft.net	65.55.37.62		Answer	
15	173.59.4.64.in-addr.arpa	PTR	ns2.msft.net	64.4.59.173		Answer	
16	53.180.199.213.in-addr.arpa	PTR	ns3.msft.net	213.199.180.53		Answer	
17	53.45.76.208.in-addr.arpa	PTR	ns4.msft.net	208.76.45.53		Answer	
18	215.163.46.207.in-addr.arpa	PTR	mail-bl24215.inbound.protection.outlook.com	207.46.163.215		Answer	
19	201.58.55.65.in-addr.arpa	PTR	00001001.ch	65.55.58.201		Answer	

Open in new window

0
 
LVL 16

Assisted Solution

by:Shaik M. Sajid
Shaik M. Sajid earned 167 total points
ID: 40014253
there is 2 things..

one is local Reverse dns which works on your local network...

the second thing is External which is done by ISP and DNS service provicer... where u publish you external DNS name...

so ask you service provider to create reverse dns entry for your External domain name

and check in the external DNS setting about the PTR record



all the best
0
 
LVL 19

Assisted Solution

by:alextoft
alextoft earned 166 total points
ID: 40014818
If you imagine a DNS "A" record as allowing you to resolve mail.domain.com to 1.2.3.4, a PTR record is the reverse; it allows you to resolve 1.2.3.4 to mail.domain.com

Just like a domain name has "NS" (nameserver) records attached to it which tell clients where to go to resolve hostnames in domain.com so do IP blocks. It's usually used as an anti-spam technique - checking that the server has a PTR record which ties it to the domain it's performing email services on behalf of, and/or that the A and PTR records resolve to each other.
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most DNS problems are VERY easily troubleshot and identifiable if you can follow the steps a DNS query takes. I would like to share the step-by-step a DNS query takes from the origin to the destination. _____________________________________________…
Resolve DNS query failed errors for Exchange
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question