What are PTR Records?
PTR records (short for Pointer Records) are used to perform a Reverse DNS lookup.
As you probably know, DNS (Domain Name System) is sort of a phonebook for the Internet. It stores an enormous amount of information about millions of registered domains. To access its (virtual) pages, you need to perform a DNS lookup of a given domain.
This is typically done by browsers right after you type in an email address. With a DNS lookup, they can quickly understand that the https://mail.example.com address actually represents the 184.108.40.206 IP address. This result is called an ‘A Record’.
A PTR Record is obtained in the opposite fashion. By performing a Reverse DNS lookup, a server can resolve an IP address to obtain a domain or a hostname.
Why PTR records are important?
An email travels across the servers (MTAs) on the way to the recipient’s email client. Before it’s delivered to an inbox, most email providers will enforce one simple test. They’ll run a DNS lookup simultaneously with a Reverse DNS lookup and will compare whether the results match. If they don’t or a PTR record simply doesn’t exist, an email is likely to be sent to spam or even discarded.
PTR Records are a defense used by servers against spammers, especially those using fraudulent domain names. If the records are configured for mail.example.com, resolving an IP address with a PTR lookup (Reverse DNS lookup) won’t point to a real domain. This, as a result, will send up a red flag for an MTA and will likely lead to an email being discarded.
That’s why it’s important to have a PTR record added to your domain’s DNS if you use it to send mass emails.
PTR records are also important for marketers and for their analytical tools, such as Google Analytics. As a website owner, you can easily see which IP addresses visit your pages. The numbers themselves would be rather meaningless but thanks to Reverse DNS lookup you can see the hostnames or domains of visitors. And this can give you some valuable information.
How to set up PTR records?
Same as when you add a regular A record, the steps for adding a PTR record also very much depend on your hosting provider. For some, you should be able to add one in your admin panel. For others, you might need to reach out to the support team so they can set this up for you.
If you follow my previous post of setting up your own mailserver on VPS, then to set up PTR record will be a challenge. Most free VPS does not offer free PTR records. So you have to either pay for this premium feature or leave PTR record empty for your email domain. If you host your own mailserver on a environment that already provides PTR, such as home Internet, then that’s perfect.
What’s the impact of no PTR records in real world?
I did some test on my newly created mail server. Of course, no PTR. But enabled SPF and DKIM correctly, also configured DMARC record.
I use that mail server to send couple emails to Google Gmail. All delivered properly, most in INBOX, a few in SPAM. No email dropped.
The same mail server send emails to Microsoft Outlook.com and O365. All emails dropped. No notification on recipient side. After 12 hours, sender will receive notification from Microsoft mail server says your mails from your mailserver ip is on their blocklist and cannot be delivered. Microsoft leaves you a link with a form to submit request to move your ip out of Microsoft’s blocklist. I tried, but failed. Microsoft will tell you that your IP is not qualified for mitigation. They will not tell you why your IP is not qualified even your IP never been used to send SPAMs. Obviously, this is due to no PTR of mailserver IP address.
So the impact of no PTR records is your mails cannot be delivered to recipients that using Microsoft email platform and other mail servers that have strict no PTR blocking rules.
What’s the suggestion?
Leave with it.
As I mentioned my use case in my previous post, I just need a mailserver to host all my domains. Most needs are just received inbound emails. So no PTR has zero impact on this.
Want to send email on their domain? You have to look for paid service. As free service is always ruined by malicious activities. I don’t think Microsoft mailserver does anything wrong to put strict SPAM and phishing blocking rules there.
Leave a Reply