Multiple A records and reverse DNS
Blake Hudson
blake at ispn.net
Fri Mar 18 20:20:40 UTC 2016
Tom, when your mail server establishes a connection to another host, the
receiving host will likely automatically check the PTR record of the IP
address your server used as it's source address. This PTR record should
have a corresponding A record that points to the same IP address that
was looked up in the PTR record. This is sometimes referred to as a
"verified" hostname. Without this, receiving mail servers may sometimes
log your rDNS as unknown, which can look spammy to subsequent spam
filters. You can have any number of other A records that point to your
server, they are irrelevant to PTR verification.
Example:
Your reverse zone:
1.1.1.1.in-addr.arpa. IN PTR mail.adi.com.
Your adi.com zone:
mail.adi.com. IN A 1.1.1.1
smtp.adi.com. IN A 1.1.1.1
www.adi.com. IN A 1.1.1.1
foo.adi.com. IN CNAME www.adi.com.
All the matters to PTR verification is that 1.1.1.1 has a PTR record and
that PTR record exists as an A or CNAME that eventually points back to
1.1.1.1
As others have pointed out, this is best common practice for outgoing
mail servers aka mail relays; However, I generally recommend having
valid PTR records and having matching forward records for any servers.
Maybe it's just me, but most of my server's send email - even MX servers
(they do create NDR notices from time to time).
--Blake
Thomas Schulz wrote on 3/17/2016 8:53 AM:
> This is not a BIND question but I hope people here will know the answer.
> We are switching service providers and I understand that many email SPAM
> prevention systems insist on the reverse DNS matching the forward DNS.
> If I have two A records for our mail server and the reverse record matches
> one of them, will that be good enough. Or will the fact that the other A
> record does not match cause trouble.
>
> Tom Schulz
> Applied Dynamics Intl.
> schulz at adi.com
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list