Reverse Resolution

What Is Reverse Resolution?

A PTR record provides the domain name associated with an IP address. It is the opposite of a regular DNS lookup. PTR records are used to verify the mapping between IP addresses and domain names. PTR records are used in many network applications. For example, email servers use reverse resolution to verify the sender's IP address to reduce spam and network fraud.

After a recipient server receives an email, it checks whether the IP address and domain name of the sender server are trustworthy and determines whether the email is spam. If the recipient server fails to obtain the domain name mapped to the sender's IP address, it concludes that the email is sent by a malicious host and rejects it. It is necessary to configure pointer records (PTR) to point the IP addresses of your email servers to domain names.

In the following figure, an ECS serves as an email server, and a PTR record is configured to map the EIP of the ECS to the domain name configured for accessing the email server.

Figure 1 Reverse resolution

For example, enterprise A deploys their email service on an ECS (email server) and binds an EIP to the ECS to enable public network communication. Enterprise B receives emails from a local email recipient (such as an enterprise email client or server) and uses DNS for reverse lookup verification.

1. Enterprise A sends an email, and enterprise B receives the request: The email recipient (for example, the local email server) receives an email from the external network.
2. Enterprise B triggers reverse resolution to query the domain name mapped to the email server IP address of enterprise A: To verify that the email is not a spam email from a forged IP address, the email recipient of enterprise B proactively sends a reverse resolution request to the DNS server to query the domain name mapped to the email server IP address of enterprise A (that is, the EIP).
3. The DNS server returns the resolution result: The DNS server returns the domain name (for example, mail.companyA.com) mapped to the email server IP addresses of enterprise A to the email recipient of enterprise B based on the mapping between the IP address and domain name.
4. If the verification is successful, the recipient receives the email: The email recipient of enterprise B checks whether the domain name obtained from the reverse resolution is the same as the actual domain name of the email. If the domain names are the same, the email recipient returns a message indicating that the email has been received to the EIP (associated with the ECS) of enterprise A.

The preceding describes the reverse resolution process of the DNS service. Information about how the email recipient checks the credibility of the sender's IP address and whether the domain name is available on the Internet is not provided here.

If no PTR records are configured, the recipient server will treat emails from the email server as spam or malicious and discard them.

Scenarios

Advantages

• Improved email delivery rate

  You can configure correct reverse DNS records to improve the email delivery rate and reduce the risk of being identified as spam.

• Enhanced network security

  Reverse resolution helps network administrators quickly locate and identify devices on the network and respond to and handle security events. For example, when a DDoS attack occurs, you can use reverse resolution to quickly locate the attack source.

• Simplified troubleshooting

  Reverse resolution can translate an IP address into a domain name that is easier to understand. This helps technical personnel quickly locate faults.

Functions

Helpful Links

For details about how to configure a PTR record for an email server, see Configuring a PTR Record for an Email Server.