Smooth IP reverse resolution (PTR record) step analysis

Source: Internet
Author: User

Today, with the proliferation of spam, spam has brought great harm to our life, work, and study. Due to the lack of an effective sending authentication mechanism between SMTP servers, even if spam recognition blocking technology is adopted, in addition, the spam recognition blocking technology mainly identifies emails based on certain conditions after receiving them, which requires a lot of server resources. If you can take some measures before the emails arrive at the server, this greatly improves the server efficiency. Therefore, many email servers, such as,, and, have adopted the spam identification blocking technology + reverse IP resolution verification technology to better block spam.
Let's take a look at what reverse IP resolution is. In fact, a friend who has worked on a DNS server will surely know that there are two regions in the DNS server, namely "forward lookup area" and "reverse lookup area". The reverse lookup area is the IP reverse resolution mentioned here, it is used to query the PTR record of the IP address to obtain the domain name pointed to by the IP address. Of course, to obtain the domain name successfully, you must have the PTR record of the IP address.
So how is reverse IP resolution applied to the mail server to block Spam? Let's take a look at the following example:
One day, a q visited Company A and handed him A business card containing information such as his "hacker murder club" and phone number, company A thought it was necessary to make A simple investigation into the origins of Q, so he called the Telecommunications Bureau of the phone number on Q's business card to check the situation, if the Telecommunications Bureau tells Company A that its phone number does not belong to the "black road killing club", Company A will reject the visit by Q. If the phone number does belong to the "black road killing club ", company A may accept A visit from Q and may further investigate the situation. Therefore, the company called the registrar of the "black road murder club". If the answer was received to confirm that the club had the phone number, company A will accept A visit from Q; otherwise, the visit will be rejected.
In this example, a q is like our mail server, and company A is the mail server of the other party, the "black road murder club" is the HELO domain name used by the email server to communicate with the other's email server (not the domain name after the email address ), the phone number on the business card is the public IP address at the exit of our email server. Company A's investigation of Q is equivalent to A reverse resolution verification process. From this we can see that reverse resolution verification is actually performed by the other server. If we do not do reverse resolution, the reverse resolution verification of the other server will fail, in this way, the recipient's server rejects the email we sent because we are an unknown sender, this is why we cannot send emails to or without reverse resolution after we exclude other reasons (such as being blacklisted by the other party, having no MX records, and using dynamic IP addresses.

So how can we smoothly perform reverse resolution? First, you must have a fixed public IP address, available domain name (it is best not to be used by other services), such as you have a domain name, you can ask your domain name registrar to add you A domain name and direct its A record to your SMTP server egress public IP address, such as:, then contact your ISP for reverse resolution of your IP address to the Don't forget to change the HELO domain name of your SMTP server to a so that you can achieve your goal
In addition:
1. emails sent to after reverse resolution may be transferred to the "unknown folder". Please contact to solve the problem.
2. Check whether reverse resolution is successful. Run the following command: nslookup-qt = ptr yourIP. You can see the reverse resolution result from the returned information.
3. You must have a fixed public IP address and a real available domain name. At the same time, note that the record of the reverse resolution domain name must point to this IP address!
4. If you have multiple fixed public IP addresses, you only need to perform reverse resolution of the primary egress IP address, no matter how many SMTP servers you have, as long as the IP address is connected to the Internet, you can change the HELO domain name of these SMTP servers to the IP address reverse resolution domain name. (It is irrelevant to the address domains on these SMTP servers)
5. The domain name and IP address shown here are all virtual information. If any inconvenience is caused to the real rights owner, please do so, but I shall not be liable for it. +

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.