Attention: E-mail administrators
Posted by massnerder on May 7, 2006
Unfortunately, many companies don't have their DNS records completely configured, and many smaller ISPs have neglected their DNS as well.
When people set up their domains for e-mail they generally stop at the A and MX records. The PTR, or reverse look-up, record generally gets overlooked. The A record maps a name to a system's IP address. For instance, if you wanted to visit Intel's web site, your computer would consult DNS for the A record for www.intel.com. Querying DNS tells us the address is 198.175.96.33, and your computer connects to that address when you browse to www.intel.com.
The MX record tells us which hosts handle e-mail for a particular domain. When you want to send an e-mail to someone at Intel, your e-mail server queries DNS for Intel's MX records. Intel's MX records are mga01.intel.com, mga02.intel.com, and mga03.intel.com, which means all three of those servers are able to validly accept mail for the intel.com domain. Your e-mail server then looks up the A records for those hostnames (trying them in the order of the preference value each MX record carries) and has addresses it can deliver your e-mail to.
The PTR record is the opposite of the A record: with an A record you have the fully-qualified domain name of a computer and want its IP address; with a PTR record you have the IP address and want the fully-qualified domain name.
Reverse DNS lets you use the PTR record to check whether an e-mail server is what it claims to be. Say a spammer sends you an e-mail that claims to be from someone at Intel. Your e-mail server can look at the IP address of the computer it received the message from and, through the PTR record, determine that the sender isn't really one of Intel's mail servers. The FQDN the spammer's PTR record points to (if one is even configured) tells your server that the sending IP address doesn't belong to a server in Intel's domain. One caveat: the PTR record is written by whoever runs the reverse zone for that address block, so a name in a PTR record proves nothing by itself. The usual check is forward-confirmed reverse DNS: take the name from the PTR record, look up its A record, and require that it point back to the connecting IP address.
One of the problems here is that e-mail servers sometimes handle e-mail for several domains. I have a client that manufactures a number of different products. They have domain names for several of these products and receive mail on each of these domains. Having a server for each of these domains would be rather expensive — especially given that traffic for each of these domains is relatively low. So, e-mail from most of their domains would come from an e-mail server whose A and PTR records would indicate a different domain name.
The way AOL seems to implement reverse DNS lookups gets around this problem. Their implementation isn't all that strict: all that's required is that the connecting address have a PTR record pointing to a fully-qualified domain name. However, because AOL does this, a number of companies have spotty reliability when sending e-mail to AOL. Their PTR records just aren't configured properly. AOL is big enough to get away with it. At this point, because the lack of PTR configuration is so common, none of my clients would be able to do this. As soon as a client started having their e-mails blocked because their e-mail administrator never configured a PTR record I would have to stop using reverse DNS checks. When AT&T Worldnet tried to implement it in 2003 they got quite a rude awakening and had to disable it within a day.
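As an added example that is not part of the original post: the MX walk a sending server performs, plus three versions of the reverse check on a connecting address (PTR merely present, which is how the post describes AOL's policy; PTR forward-confirmed by a matching A record; and PTR name inside the sender's domain, the stricter check that the multi-domain client above would fail). Real DNS is replaced by a constructed in-memory table so the script runs offline; the example.com / example.net / example.org names and the 192.0.2.x / 198.51.100.x addresses are documentation ranges standing in for real records, not data from the post.

```python
"""Forward and reverse DNS checks a receiving mail server might run.

Added example for this post, not code from the original. Real DNS is
replaced by ZONE, a constructed in-memory table, so everything runs
offline; the example.* names and documentation-range addresses are
stand-ins for real records.
"""
import ipaddress

# Constructed records. Keys are (owner name, record type); reverse entries
# use the in-addr.arpa owner names a real reverse zone would carry.
ZONE = {
    # the receiving domain: two MX hosts with different preference values
    ("example.com", "MX"): [(20, "mx2.example.com"), (10, "mx1.example.com")],
    ("mx1.example.com", "A"): ["192.0.2.1"],
    ("mx2.example.com", "A"): ["192.0.2.2"],
    # a client whose single server sends for both example.net and example.org
    ("mail.example.net", "A"): ["192.0.2.25"],
    ("25.2.0.192.in-addr.arpa", "PTR"): ["mail.example.net"],
    # a host whose reverse zone names it mx1.example.com, although mx1's A
    # record does not point back here (a spoofed or stale PTR)
    ("10.100.51.198.in-addr.arpa", "PTR"): ["mx1.example.com"],
    # 198.51.100.9 has no PTR record at all (the common misconfiguration)
}


def lookup(name, rrtype):
    """Stand-in for a resolver query; names are case-insensitive, trailing dot optional."""
    return list(ZONE.get((name.lower().rstrip("."), rrtype), []))


def resolve_mx(domain):
    """What a sending MTA does: MX records by preference, each with its A addresses."""
    return [(prio, host, lookup(host, "A")) for prio, host in sorted(lookup(domain, "MX"))]


def ptr_names(ip):
    """Names the reverse zone claims for ip (e.g. 25.2.0.192.in-addr.arpa -> PTR)."""
    return lookup(ipaddress.ip_address(ip).reverse_pointer, "PTR")


def has_ptr(ip):
    """Lax policy: any PTR record at all."""
    return bool(ptr_names(ip))


def fcrdns(ip):
    """Forward-confirmed reverse DNS: some PTR name has an A record pointing back at ip."""
    return any(ip in lookup(name, "A") for name in ptr_names(ip))


def ptr_in_domain(ip, sender_domain):
    """Strict policy: the PTR name must lie inside the sender's domain."""
    sd = sender_domain.lower().rstrip(".")
    return any(n == sd or n.endswith("." + sd) for n in ptr_names(ip))


def check_sender(ip, sender_domain):
    """Run all three policies for a connecting ip claiming mail from sender_domain."""
    return {
        "has_ptr": has_ptr(ip),
        "fcrdns": fcrdns(ip),
        "ptr_in_sender_domain": ptr_in_domain(ip, sender_domain),
    }


if __name__ == "__main__":
    print("MX for example.com:", resolve_mx("example.com"))
    # the multi-domain client: passes FCrDNS, fails the domain-match policy
    print("192.0.2.25 for example.org:", check_sender("192.0.2.25", "example.org"))
    # no PTR at all: fails even the lax policy
    print("198.51.100.9 for example.org:", check_sender("198.51.100.9", "example.org"))
    # PTR claims mx1.example.com, but mx1's A record disagrees
    print("198.51.100.10 for example.com:", check_sender("198.51.100.10", "example.com"))
```

The last case is why the forward confirmation matters: a bare PTR lookup, and even the domain-match policy, accept the host because its reverse zone says mx1.example.com, while fcrdns() rejects it because mx1.example.com's A record does not point back at 198.51.100.10. Against real DNS the two raw lookups are `dig +short MX example.com` and `dig +short -x 192.0.2.25`.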
Reverse DNS can be a fairly strong tool in combating spam. We just need to get the e-mail administrators of the world on board and get their DNS records configured correctly.
What I'm presenting here is really watered down and simplistic but I hope you get the picture. I also sometimes have a tendency to leave stuff out because I'm usually writing for other technical people and they usually fill in the blanks themselves. I realize some of my audience might not be that technical so let me know if I'm leaving glaring gaps.
Note: You won't necessarily create your PTR records with your DNS host. Reverse look-ups are answered from the in-addr.arpa zone for your address block, which is delegated to whoever was assigned that block, so your ISP, who manages the IP addresses you're assigned, will normally take care of your PTR records (or delegate the reverse zone to you). If your ISP and DNS host are one and the same, then Bob's your uncle.
Two great tools for DNS:
www.dnsstuff.com
www.dnsreport.com
Dave said
AOL is now REQUIRING not only an IP address which is considered to be Enterprise (i.e. not DSL) to mail their system, but also a DNS record called an “SPF” record. An SPF record is similar to what was suggested above, but it also notes which e-mail servers are valid to send mail. You can have 20 receiving MX records and 2 sending, for example.
massnerder said
Well, they haven’t started REQUIRING, yet. And when they start, it’s only if you want to remain on their white list. If they want their measure to really make a difference, they should require domains to have an SPF record in order to accept their mail.