Basics of rDNS and troubleshooting rDNS record errors
What is rDNS?
Reverse DNS involves querying the domain name associated with an IP address. Unlike traditional DNS, where domain names are mapped to IP addresses, reverse DNS retrieves domain names from IP addresses. For example, if google.com has an A record mapping to the IP address 142.250.193.14, a reverse DNS lookup of 142.250.193.14 finds its corresponding domain name, which is google.com. This process makes it easier to identify the domain associated with a specific IP address.
How does rDNS work?
Imagine you have a phone number (IP address) and you want to know the name of the business or person (domain) associated with it. Reverse DNS queries work similarly. They ask DNS servers for a special record called PTR (pointer), which is stored under a name built from the IP address in reversed format: the segments of the IP address are reversed and “.in-addr.arpa” is appended. So, if a domain has the IP address 192.0.2.1, its PTR record will be stored under 1.2.0.192.in-addr.arpa. This helps identify the domain name associated with a specific IP address.
For IPv6 addresses, the suffix is “.ip6.arpa”.
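To make the naming rule concrete, here is an added example (not code from the original article) that builds the PTR owner name for both address families and converts such a name back to an address. The function names and the IPv6 sample address 2001:db8::1 are assumptions chosen for illustration.

```python
import ipaddress

HEX = "0123456789abcdef"

def reverse_name(ip: str) -> str:
    """Return the DNS name under which the PTR record for `ip` is stored."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        # IPv4: one label per decimal octet, in reverse order.
        labels = str(addr).split(".")
        suffix = "in-addr.arpa"
    else:
        # IPv6: expand to all 32 hex digits, one label per digit, reversed.
        labels = list(addr.exploded.replace(":", ""))
        suffix = "ip6.arpa"
    return ".".join(reversed(labels)) + "." + suffix

def address_from_reverse_name(name: str) -> str:
    """Recover the IP address from a PTR owner name, e.g. one seen in dig output."""
    name = name.rstrip(".").lower()
    if name.endswith(".in-addr.arpa"):
        octets = name[: -len(".in-addr.arpa")].split(".")
        if len(octets) != 4:
            raise ValueError("expected 4 octet labels: " + name)
        return str(ipaddress.IPv4Address(".".join(reversed(octets))))
    if name.endswith(".ip6.arpa"):
        digits = name[: -len(".ip6.arpa")].split(".")
        if len(digits) != 32 or any(len(d) != 1 or d not in HEX for d in digits):
            raise ValueError("expected 32 single hex-digit labels: " + name)
        return str(ipaddress.IPv6Address(int("".join(reversed(digits)), 16)))
    raise ValueError("not a reverse-lookup name: " + name)

if __name__ == "__main__":
    # Constructed sample inputs: two IPv4 addresses and one IPv6 documentation address.
    for sample in ("192.0.2.1", "157.240.198.35", "2001:db8::1"):
        print(sample, "->", reverse_name(sample))
```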
Let’s look up some records on the internet
You can use online tools or run a Linux command to find the PTR record.
```
dig -x [ip_address]

# Example
dig -x 157.240.198.35

# Result
; <<>> DiG 9.16.1-Ubuntu <<>> -x 157.240.198.35
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51021
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;35.198.240.157.in-addr.arpa. IN PTR
;; ANSWER SECTION:
35.198.240.157.in-addr.arpa. 5 IN PTR edge-star-mini-shv-01-del1.facebook.com.
;; Query time: 8 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Jun 03 10:34:34 UTC 2023
;; MSG SIZE rcvd: 109
```
The optimal method for discovering the rDNS record is:
```
dig -t ptr 35.198.240.157.in-addr.arpa

; <<>> DiG 9.16.1-Ubuntu <<>> -t ptr 35.198.240.157.in-addr.arpa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62000
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;35.198.240.157.in-addr.arpa. IN PTR
;; ANSWER SECTION:
35.198.240.157.in-addr.arpa. 5 IN PTR edge-star-mini-shv-01-del1.facebook.com.
;; Query time: 8 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Jun 03 10:35:27 UTC 2023
;; MSG SIZE rcvd: 109
```
Where is rDNS used?
Email servers employ it as a crucial component of their functionality. They utilize it to verify the legitimacy of an email message’s originating server prior to allowing it into their network. By checking the rDNS record, email servers can ensure that the server sending the email is valid and authorized to do so. This helps prevent spam, phishing attempts, and other malicious activities from infiltrating the network and reaching users’ inboxes.
How does rDNS work in an email server?
- When an email is received, the receiving mail server can perform a reverse DNS lookup on the IP address from which the email originated.
- The receiving mail server sends a DNS query, requesting the PTR (pointer) record for that IP address. The PTR record is specifically configured for reverse DNS lookups and contains the domain name associated with the IP address.
- If a valid PTR record exists and the domain name in the PTR record matches the domain from which the email claims to originate, it indicates that the sending mail server is properly configured and likely legitimate.
- The receiving mail server can then use this information as part of its spam filtering mechanisms. If the reverse DNS check fails or the PTR record doesn’t match the claimed domain, the email may be flagged as suspicious or spam.
Setting an rDNS record in Plesk
Within Plesk, you have the ability to configure the rDNS record by navigating to the domain’s DNS settings.
Next, select the “Add Record” option and choose the PTR record from the dropdown menu.
Once the record has been updated, you can employ the “dig” command to inspect and view the PTR record.
```
# dig
dig -t ptr 9[..].173.in-addr.arpa
```
Adding an rDNS record to your server is a straightforward process, particularly when using platforms like Linode or other similar providers. These platforms typically offer user-friendly interfaces or control panels that allow you to easily manage your server settings. By accessing the appropriate section within the platform’s interface, you can conveniently add the desired rDNS record for your server. This helps ensure proper reverse DNS resolution and facilitates various network-related tasks, such as email delivery and authentication.
Basic rDNS troubleshooting
- Incorrect rDNS Record:
  - Issue: If the rDNS record is not properly set or does not match the associated IP address, it can result in failed reverse DNS lookups.
  - Solution: Double-check the rDNS record configuration and ensure it accurately corresponds to the IP address in question. Correct any discrepancies or errors in the record. After making changes, allow sufficient time for the changes to propagate throughout the DNS system.
- Missing PTR Record:
  - Issue: If there is no PTR (Pointer) record set for an IP address, it will result in reverse DNS lookup failures.
  - Solution: Create a PTR record for the IP address in question. In the DNS settings, add a new PTR record and associate it with the appropriate domain name or hostname. Ensure the PTR record accurately reflects the IP address it is associated with. Again, allow time for the changes to propagate through the DNS system.
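The receiving mail server's check described earlier and the two troubleshooting cases above can be expressed as one classifier. This is an added example, not code from the original article; it goes one step beyond the text by also forward-confirming the PTR name (the name must resolve back to the connecting address), since a PTR record alone is set by whoever controls the IP block. The function name, verdict strings, matching rule and sample records are assumptions, and the lookups are injected so the check runs offline.

```python
import ipaddress

# Constructed sample records (documentation addresses, example.* names).
PTR_RECORDS = {
    "10.2.0.192.in-addr.arpa": ["mail.example.com."],
    "20.2.0.192.in-addr.arpa": ["mail.example.com."],  # name does not point back
    "30.2.0.192.in-addr.arpa": ["host-30.isp.example.net."],
}
ADDRESS_RECORDS = {
    "mail.example.com": ["192.0.2.10"],
    "host-30.isp.example.net": ["192.0.2.30"],
}

def sample_ptr_lookup(owner):
    return PTR_RECORDS.get(owner, [])

def sample_addr_lookup(name):
    return ADDRESS_RECORDS.get(name, [])

def _norm(name):
    return name.rstrip(".").lower()

def check_rdns(ip, claimed_domain, ptr_lookup=sample_ptr_lookup,
               addr_lookup=sample_addr_lookup):
    """Return (verdict, detail) for a connecting IP and the domain it claims."""
    addr = ipaddress.ip_address(ip)
    names = [_norm(n) for n in ptr_lookup(addr.reverse_pointer)]
    if not names:
        return "missing_ptr", addr.reverse_pointer
    # Forward-confirm: keep only PTR names that resolve back to this address.
    confirmed = [n for n in names
                 if addr in {ipaddress.ip_address(a) for a in addr_lookup(n)}]
    if not confirmed:
        return "ptr_not_forward_confirmed", names[0]
    claimed = _norm(claimed_domain)
    for name in confirmed:
        # Match the domain itself or a host under it, on a label boundary.
        if name == claimed or name.endswith("." + claimed):
            return "pass", name
    return "domain_mismatch", confirmed[0]
```

In production the two lookup arguments would be replaced by functions that query a real resolver; the verdicts map onto the "Missing PTR Record" and "Incorrect rDNS Record" cases above.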