What is a PTR Record in DNS

Understanding DNS records, particularly PTR records, is key for anyone managing domains, especially resellers focused on email deliverability. PTR records connect an IP address with a domain name, a crucial step for verifying the origin of emails and protecting against spam.

Despite strong spam filters from providers like Yahoo and Gmail, mistakes happen, and legitimate emails sometimes get marked as spam due to errors like misdirected targeting or incorrect permissions.

For businesses that rely heavily on email, it's critical to ensure that their communications reach their intended recipients and aren't incorrectly flagged as spam. Properly managing PTR records can significantly improve email deliverability, enhance communication reliability, and maintain the integrity of digital interactions. This focused approach not only makes email systems more efficient but also strengthens overall email security.

DNS, which stands for "Domain Name System," is sometimes known as a "forward DNS record," a naming database.

The domain name is comparable to a phone book that enables users to access and search for information about registered contacts. Each of the numerous devices that make up the internet, is identified by a special code called an IP (Internet Protocol) address.

It is the DNS's job to compile the IP address assigned to each domain name; it locates and converts Internet domain names into Internet Protocol (IP) addresses; it converts readable domain names like www.microsoft.com into the numerical IP addresses that computers use to connect to one another, such as 207.46.170.123; and it maps the IP address that a computer uses to locate a website to the name of that website. It is the responsibility of those who use the DNS to access information to translate readable domain names, like www.google.com, into machine-readable IP addresses.

An internet protocol (IP) address is just a label with numbers that identify a device on a network. We must use the public number (IP address) to send a request to a device.

For instance, if we want to access different websites like Google, we cannot simply store these numbers in our memory; imagine how difficult it would be to memorize every digit accurately for every single website we want to visit. Hence the need to map or attach the IP address to a name for easy recollection. Instead of typing 216.58.223.228 in our web browser to request the search engine Google, we can type in www.google.com. This is what DNS is about: it points to the name or converts a domain name to an IP address. E.g., www.google.com → 216.58.223.228. Because a DNS lookup is what causes a web page to load on your laptop, email and website addresses need to correlate to IP addresses in order to send data. The DNS is queried to get the IP address of a certain hostname while it "points forward." What happens when the IP address is queried?

As its name suggests, a reverse DNS merely points an IP address to a hostname, the opposite of what a DNS does.

Email servers frequently employ reverse lookups which use an IP address to query the DNS server. The DNS server will return the hostname or domain name if the record for the IP address is present.

E.g. 216.58.223.228 ➡ www.google.com

The reverse DNS uses a certain type of record called a pointer record (PTR):

In a domain name system, a PTR record is a resource record. It serves as an email anti-spam technique. Because it links an IP address to a domain name, it's also referred to as a "reverse domain name system," or RDNS.

In contrast, an A record associates or maps a domain's actual IP address, and Internet traffic uses this record to find the computer that hosts your domain's DNS settings. If an email server queries the pointer record for a particular IP address and it doesn’t find one or it doesn’t match, the message would be sent to the spam folder.

The pointer record has a hostname, which is the IP address in reverse, with the special suffix in-addr.arpa. This suffix is the domain name used for pointer records, which provides a smoother email process and prevents your emails from being sent to the receiver’s spam folders.

If you look at the image above, you'll notice that the IP address was returned in reverse, along with the previously mentioned suffix in-addr.arpa.

The primary purpose of PTR is mail server validation. Unless you're using a dedicated server, the pointer record is configured in the DNS and it’s put up by the web hosting provider, so you won't need to set up or manage the PTR record on your own.

You don't have problems with email spam because your server has a PTR record that can be linked to your domain name. Most email services check PTR for the servers they are about to receive messages from to see whether they are authentic, PTR is used to combat spam.

The PTR records have the same format as other types of DNS records. The following information is organized according to each field:

<name> <ttl> <class> <type> <rdata>

• <name>: This contains the IP address.

• <ttl>: This is the time in seconds or Time to Live, for which every entry is valid.

• <class>: This contains the abbreviation of the DNS record class being used.

• <type>: This is the record type.

• <rdata>: This contains the domain, hostname, or resource data.

With the help of the command line interface (CLI) or an online tool, anyone can look up a PTR record. Different operating systems require commands to look for a PTR record;

Windows

The easiest way to check the Reverse DNS records of a domain on a window machine is the “nslookup” command;

nslookup –q=ptr IP_Address

MAC

For your MAC OS you can simply lookup a pointer record in the command line by typing;

dig -x IP_Address

dig IP_Address ptr

Another option to check a pointer record would be via a website like DNS checker.org, NSLookup.IO, etc.

Let’s go through this example using a DNS checker. Let’s assume that we want to check the authenticity of an IP address, we can grab the IP address and paste it into the DNS checker, and select the “PTR” option, it should look like the image below;

If we carefully examine the image above, we will notice green checkmarks, which indicate that the IP address can be linked to a PTR record and that everything is in order. The source of the email will be revealed if we use the same IP address, 198.21.0.29 from the image above, and look it up in our command line.

Let’s do a reverse lookup in our command line using the following commands;

MAC OS: dig 198.21.0.29 ptr

Windows OS: nslookup –q=ptr 198.21.0.29

Take a glimpse at the image above, and you’ll see Name:03.mails.freecodecamp.org, which informs us that this IP address translates to freecodecamp.org, and you’ll also notice that the IP address is reversed.

For large organizations involved in email marketing or businesses that send bulk emails to various customers, if your IP address is not permitted to send emails from the sending domain that determines who an email is from, your messages will be sent to junk or spammed.

A PTR record’s primary role is to confirm a message’s authenticity. For example, Gmail uses strict systems to block messages that lack a valid PTR record, ensuring only verified emails reach the inbox.

Other mail providers follow similar protocols to protect users from unwanted or harmful emails. Properly configured PTR records are essential to prevent legitimate emails from being flagged as spam due to incomplete or incorrect server settings.

For resellers managing multiple client domains, having correctly set PTR records can greatly enhance email deliverability and security. For those expanding their hosting services, Verpex offers a free domain with all reseller hosting plans, providing a streamlined solution for effective DNS management.