DNS PTR records, more commonly referred to as pointer records, help map an IP address to a hostname by telling an IP client the name of the system assigned to it. This article serves as both a brief introduction to PTR records and an explanation of how they are used.
What is a DNS PTR Record?
A DNS PTR record is a pointer to the IP address of a domain name. The DNS system maintains these records, which help link the domain name to an IP address. These pointers are used in several ways, including to help identify hosts and services on the Internet, as well as to validate email addresses.
PTR records are used in two main ways:
- To verify email addresses with DNS servers so that they can be accepted by mail systems; and
- To verify hostnames with DNS servers so that they can be accepted by web browsers and other network clients.
The main difference between a DNS PTR record and a DNS A record is that the former resolves IP addresses into hostnames and DNS A record resolves hostnames into IP addresses.
What does a PTR record look like?
A classic example of a DNS PTR record is as follows:
<name> <ttl> <class> <type> <rdata>
192.1.06.427 14400 <network class> PTR example.com
Managing PTR Records
PTR records are DNS records that help in mapping an IP address to a hostname. PTR records can be added, modified, and deleted by adjusting DNS settings on a server’s dashboard.
➜ Log in to the DNS Portal.
➜ Navigate to the IP settings page.
➜ Select the subnet whose PTR records you want to manage.
➜ Go to the Reverse DNS records for that subnet.
➜ Now add a PTR record by creating one by clicking on Add Record at the top of the page.
➜ Some hosts also allow bulk creation of PTR records, which allows you to create hundreds of entries at once by uploading PTR record files in JSON format.
➜ You will then see an empty form where you need to enter: IP Address (e.g 22.214.171.124), Content (e.g www), and TTL (300).
➜ After that click Save.
➜ You can remove the record by visiting the IP address management page and clicking on “delete,” which will remove the PTR record associated with that IP address.
How Long Does It Take For a PTR Record To Propagate In The DNS?
The propagation time of a PTR record depends on the TTL setting of your DNS. The TTL is the time to live of a DNS record, and it represents how long the server will keep a record in its cache before removing it from memory.
For example, in this record: 3600 seconds represents the TTL (time to live) of 1 hour. So if a record is changed and then saved, it will take an hour for the update to appear from when the change was made.
PTR Record vs MX Record vs A Record
|provides domain name associated with an IP address
|provides the mail server for a domain
|provides IP address associated with a domain name
|specifies the domain name for doing a reverse lookup
|specifies the domain name that users address mail to
|resolves a hostname to IP addresses
|specifies the fully qualified domain name
|contains two fields:
i). a ranking number that determines which mail servers will be used when more than one is available
ii). a fully qualified domain name of the mail server itself
|specifies which IP address is associated with a certain domain name under the IPv4 RFC 1035
DNS PTR Record Syntax
A PTR record is a DNS record that references an IP address. It has a similar structure to other DNS records, but the content of the field differs.
➜ The first field of the record, <name>, contains the IP address and can be used to point to a server.
➜ The <ttl> value determines how long clients should wait before asking for the same resource again.
➜ The next field <class> defines which network class the record belongs to.
➜ The <type> value specifies whether the record is an A or AAAA record, meaning whether it points to IPv6 or IPv4 addresses respectively.
➜ Finally, <rdata> is where you place the domain name itself, which is what clients will use when they query your server for this resource.
Storing them in IPv4
The DNS PTR records are stored in reverse order, with the domain name of the host being added to the end of the IP address and prefixed with “.in-addr.arpa.”
The PTR record for the IP address 126.96.36.199 would be stored under “188.8.131.52.in-addr.arpa”.
The .arpa top-level domain is for the administration and management of the DNS. It’s used by the zone administrator, who can modify their zone, add or remove records from it, and manage the policies for its use.
To be able to do this, a zone must be configured with at least one PTR record in the DNS. This record points back to IP addresses that have been assigned to specific hosts within the zone. The zone administrator can use these PTR records to find out which IP addresses belong to specific hosts within their domain.
Storing them in IPv6
The DNS PTR records are stored in IPv6 differently from their IPv4 counterparts. Instead of being stored under an IP address, they’re stored under the IPv6 address itself and exist in a different namespace with the .arpa.
In IPv6, the PTR records are reversed and converted into four-bit sections with the addition of “.ip6.arpa” as defined in RFC 3596.
The PTR record in IPv6 for the IP address 4321:0:1:2:3:4:567:89ab would be stored under “b.a.184.108.40.206.220.127.116.11.0.0.3.0.0.0.2.0.0.0.1.0.0.0.0.0.0.0.1.2.3.4.IP6.ARPA”.
How to Create a PTR Record? : Adding the Record in the DNS
- First, you need to open your DNS management console.
- Click on the DNS server name >> click on “PTR”.
- Choose storage in IPv6 or IPv4.
- The PTR query dialog box will appear. Fill in the following fields:
- Enter the Domain Name or IP Address.
- Select a Zone from the available options.
- Describe the PTR record in the Description field.
- Input time in the TTL field.
- Enter the name and value for the keys in the Tags, Key, and Value sections.
- Click OK to close the dialog box and return to the main window where you can see that your new PTR record has been added successfully.
Main Uses of PTR Records
These records are used in reverse DNS lookups to determine if a host is communicating with another host on behalf of a sender. These records can be very useful in anti-spam, troubleshooting email delivery issues, email server validation, and validating outgoing mail.
The following are the main uses of PTR records.
Validate Incoming Mails –They can be used by email servers to validate incoming mail and determine whether or not it should be delivered. This is particularly useful if your company has multiple servers and you need to know which emails should go to which servers.
Validate Outgoing Mails – Outgoing mail systems use these records to validate outgoing emails before they’re sent off—if you’re running an email marketing campaign, this will help ensure that only valid email addresses are being sent out and not spam messages.
Anti-Spam – They are used in reverse DNS lookups, which are commonly used by anti-spam providers to help identify spamming email addresses. In particular, a PTR record will return the IP address of the server that the domain name resolves to. This can be useful for anti-spam providers to help them determine whether an email address is legitimate or not.
Performing a DNS PTR Record Lookup
When you perform a PTR Record Lookup, you will be able to check whether a domain has valid PTR record settings in place or not.
Using Online Tool
You can check your record via PowerDMARC’s free online PTR Record Lookup Tool:
- Select “PTR” from the lookup type menu.
- Enter the IP address in the provided field.
- Click on the lookup button.
Using Command Line
You can also check your PTR record via the command line feature in Windows or macOS.
For Windows users, enter nslookup IP_ADDRESS in the command box prompt.
Alternatively, type dig -x IP_ADDRESS in the Mac terminal command box.
DNS PTR records are a critical component of email security. If you’re using a mail provider that doesn’t provide them, you’re missing out on the chance to verify the authenticity of incoming messages and confirm that your outgoing emails aren’t being spoofed.
PowerDMARC will help you configure complete DNS records including SPF, DKIM, and DMARC records along with protocol management and monitoring services. This way, you’ll be able to enhance your company’s security and ensure that all incoming and outgoing emails are legitimate, while also making sure they’re not being blocked by spam filters.
- Identifying and Safeguarding PII (Personally Identifiable Information) - February 28, 2024
- Types of Cybersecurity Threats and Vulnerabilities - February 15, 2024
- Klaviyo DMARC, SPF, and DKIM Setup Guide - February 15, 2024