DNS, reverse lookup and PTR records

Question: Secure services in your network require reverse name resolution to make it more difficult to launch successful attacks against the services. To set this up, you configure a reverse lookup zone and proceed to add records. Which record types do you need to create?
Answer: PTR Records


I setup small business 2003 which comes with exchange built in for client once. Before my arrival he said everytime he would send an email to an AOL email address he would recieve a  bounce back message.

I then read on the internet that I have to create a PTR record - and that can only be done by the broadband company. I then left the company and never understood the whole thing.

Can some one explain what exactly a PTR record is? what is it so necessary?
Ikky786Asked:
Who is Participating?
 
Dave BaldwinConnect With a Mentor Fixer of ProblemsCommented:
Below are the DNS records for Microsoft.com.  You can see that each of the 'nameservers' and the main 'microsoft.com' site have PTR records associated with them.  It is basically a way to cross check that the remote IP is valid for the domain.
1	microsoft.com	NS	ns5.msft.net	65.55.226.140		Answer	
2	microsoft.com	NS	ns1.msft.net	65.55.37.62		Answer	
3	microsoft.com	NS	ns2.msft.net	64.4.59.173		Answer	
4	microsoft.com	NS	ns3.msft.net	213.199.180.53		Answer	
5	microsoft.com	NS	ns4.msft.net	208.76.45.53		Answer	
6	microsoft.com	MX	microsoft-com.mail.protection.outlook.com	207.46.163.215	Preference: 10	Answer	
7	microsoft.com	A	microsoft.com	65.55.58.201		Answer	
8	microsoft.com	A	microsoft.com	65.55.58.201		Answer	
9	microsoft.com	CNAME			Error 9501: No records found for given DNS query.		
10	microsoft.com	SOA	ns1.msft.net	65.55.37.62	Admin: msnhst.microsoft.com, Default TTL: 3600, Expire: 2419200, Refresh: 300, Retry: 600, Serial: 2014042103	Answer	
11	microsoft.com	TEXT			v=spf1 include:_spf-a.microsoft.com include:_spf-b.microsoft.com include:_spf-c.microsoft.com include:_spf-ssg-a.microsoft.com include:spf-a.hotmail.com ip4:147.243.128.24 ip4:147.243.128.26 ip4:147.243.128.25 ip4:147.243.1.47 ip4:147.243.1.48 ~all	Answer	
12	microsoft.com	TEXT			FbUF6DbkE+Aw1/wi9xgDi8KVrIIZus5v8L6tbIQZkGrQ/rVQKJi8CjQbBtWtE64ey4NJJwj5J65PIggVYNabdQ==	Answer	
13	140.226.55.65.in-addr.arpa	PTR	ns5.msft.net	65.55.226.140		Answer	
14	62.37.55.65.in-addr.arpa	PTR	ns1.msft.net	65.55.37.62		Answer	
15	173.59.4.64.in-addr.arpa	PTR	ns2.msft.net	64.4.59.173		Answer	
16	53.180.199.213.in-addr.arpa	PTR	ns3.msft.net	213.199.180.53		Answer	
17	53.45.76.208.in-addr.arpa	PTR	ns4.msft.net	208.76.45.53		Answer	
18	215.163.46.207.in-addr.arpa	PTR	mail-bl24215.inbound.protection.outlook.com	207.46.163.215		Answer	
19	201.58.55.65.in-addr.arpa	PTR	00001001.ch	65.55.58.201		Answer	

Open in new window

0
 
Sajid Shaik MConnect With a Mentor Sr. System AdminCommented:
there is 2 things..

one is local Reverse dns which works on your local network...

the second thing is External which is done by ISP and DNS service provicer... where u publish you external DNS name...

so ask you service provider to create reverse dns entry for your External domain name

and check in the external DNS setting about the PTR record



all the best
0
 
alextoftConnect With a Mentor Commented:
If you imagine a DNS "A" record as allowing you to resolve mail.domain.com to 1.2.3.4, a PTR record is the reverse; it allows you to resolve 1.2.3.4 to mail.domain.com

Just like a domain name has "NS" (nameserver) records attached to it which tell clients where to go to resolve hostnames in domain.com so do IP blocks. It's usually used as an anti-spam technique - checking that the server has a PTR record which ties it to the domain it's performing email services on behalf of, and/or that the A and PTR records resolve to each other.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.