Reverse DNS Lookup: What It Is and Why It Matters
While standard DNS converts domain names to IP addresses (forward lookup), reverse DNS does the opposite — it maps an IP address back to a domain name. This seemingly simple capability has important implications for email deliverability, security, and network troubleshooting.
How Reverse DNS Works
Reverse DNS uses PTR (Pointer) records stored in a special DNS zone. For IPv4, this zone uses the in-addr.arpa domain. The IP address is reversed and appended to this domain:
# Forward: example.com → 93.184.216.34
# Reverse: 34.216.184.93.in-addr.arpa → example.com
dig -x 93.184.216.34
# Queries: 34.216.184.93.in-addr.arpa. PTR
For IPv6, reverse DNS uses the ip6.arpa domain: the fully expanded address is written one nibble (hex digit) at a time, in reverse order, with the nibbles separated by dots.
Who Manages PTR Records?
Unlike forward DNS records, which you manage through your DNS provider, PTR records are managed by whoever controls the IP address block — usually your hosting provider or ISP. To set up reverse DNS, you typically need to:
- Contact your hosting provider or use their control panel.
- Request that a PTR record be created for your IP address.
- Point it to the hostname that matches your server's forward DNS.
Why Reverse DNS Matters
Email Deliverability
This is the most critical use case. Most major email providers (Gmail, Outlook, Yahoo) check reverse DNS when receiving email. If the sending IP does not have a PTR record, or if the PTR record does not match the sending domain, the email is far more likely to be flagged as spam or rejected outright.
Security and Logging
Reverse DNS is used in server logs to show hostnames instead of raw IP addresses, making logs more readable. Security tools use reverse DNS to identify the organizations behind IP addresses during incident investigation.
Network Troubleshooting
Tools like traceroute use reverse DNS to show the hostname of each hop along the network path. Without PTR records, you only see IP addresses, making it harder to identify which network or organization owns each router.
Access Control
Some services use reverse DNS as part of their access control — verifying that connecting clients have valid PTR records that match their forward DNS. This Forward-Confirmed Reverse DNS (FCrDNS) check helps filter out compromised machines and bots.
Setting Up Reverse DNS
The process varies by hosting provider:
- AWS — Submit a request through the AWS support portal to set PTR records on Elastic IPs.
- DigitalOcean — The droplet's name is automatically used as the PTR record. Rename your droplet to your domain.
- Hetzner — Set PTR records directly in the server control panel.
- Generic VPS — Contact your provider's support to request a PTR record.
Verifying Reverse DNS
dig -x 93.184.216.34
nslookup 93.184.216.34
host 93.184.216.34
A valid setup shows a PTR record pointing to a hostname that, when looked up forward, resolves back to the same IP. This forward-confirmed reverse DNS is the gold standard.
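The forward-confirmed check described above can be scripted. The following is an added example, not code from the original article; the function names and the SAMPLE_PTR / SAMPLE_FWD tables are constructed for illustration. By default it queries the system resolver, and the lookup functions can be swapped out to run it offline.

```python
import ipaddress
import socket

# Constructed sample data (documentation address ranges), standing in for
# DNS answers so the check can be exercised offline. Not real records.
SAMPLE_PTR = {"192.0.2.10": ["mail.example.test."],
              "192.0.2.66": ["mail.example.test."],  # PTR claims a name it does not own
              "2001:db8::25": ["mx6.example.test."]}
SAMPLE_FWD = {"mail.example.test": ["192.0.2.10"],
              "mx6.example.test": ["2001:db8:0:0:0:0:0:25"]}

def reverse_name(ip):
    """Return the PTR query name (in-addr.arpa or ip6.arpa) for an IP."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_ptr(ip):
    """PTR lookup through the system resolver; [] when no record exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name, *aliases]

def system_forward(host):
    """A/AAAA lookup through the system resolver; [] on failure."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(host, None)]
    except OSError:
        return []

def fcrdns(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return (status, hostname): 'confirmed', 'mismatch' or 'no-ptr'."""
    target = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return ("no-ptr", None)
    for name in names:
        for addr in forward_lookup(name):
            try:
                # Compare parsed addresses, not strings, so different
                # spellings of the same IPv6 address still match.
                if ipaddress.ip_address(addr.split("%")[0]) == target:
                    return ("confirmed", name)
            except ValueError:
                continue
    # A PTR exists but nothing it names resolves back to this IP. The PTR
    # text is set by whoever controls the IP block, so do not trust it alone.
    return ("mismatch", names[0])
```

In logs and access-control decisions, treat a hostname as verified only when the status is "confirmed"; a "mismatch" result means the PTR names a host whose forward DNS does not include the connecting address.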
Reverse DNS is often overlooked in DNS setup, but it is essential for email servers and valuable for security. If you run a mail server, setting up correct PTR records is not optional — it is a requirement for reliable delivery.