34

I'm a DNS noob, so here's a question:

Can a server have multiple reverse DNS entries? Or does one IP address just resolve to one DNS name?

Here is why I need this:

I have a number of sites hosted on a server, as well as the mail for a number of domains. From what I can tell, the mail servers without the reverse DNS entries are treated as spam servers by some mail programs. So it seems like I need to add an entry for them. Or can each server only run mail for one domain?

Note - I just have one IP address that runs all these domains.

Sam Schutte

6 Answers

22

Generally what they care about is that the rDNS result resolves back to the original IP. So a typical setup would look like this:

  • www.example.com and www.yourdomain.example both resolve to 192.0.2.1.
  • The PTR for 192.0.2.1 is myhost1.yourdomain.example.
  • myhost1.yourdomain.example resolves to 192.0.2.1.

I believe most spam filters consider that to be an appropriate rDNS configuration.

If, however, you have separate IP addresses for each website and mail server running on your box so that email from example.com and yourdomain.example appear to come from different IP addresses (and that would be a really bizarre email setup), then the forward and reverse DNS for that domain/IP combination should just point back to each other:

  • example.com email comes from 192.0.2.2
  • PTR for 192.0.2.2 is example.com.
  • example.com resolves to 192.0.2.2
kinokijuf
Insyte
13

You can do it, but it isn't recommended. There might be cases where you'll break things by setting up multiple records.

törzsmókus
Zoredache
9

Yes, but NOT recommended

Most reverse DNS entries only have just one PTR record.

While you can have multiple PTR records for the same IP, it's not recommended unless absolutely needed.

A web server with a lot of virtual is one example where I've seen more than one PTR record but I think you'll find this breaks things and causes problems a lot more than it turns out to be useful. Too many PTR records (talking dozens if not hundreds) can also lead to large bloated DNS packets.

I think it's safe to say that most of the servers and software out there expect to see just one PTR record.

Unless you absolutely know what you're doing and you have a specific reason for multiple PTR records and you know it's NOT going to break anything... just do yourself a favor and stick to a single PTR record. :-)

KPWINC
  • +1 for comment about packet bloat. However most decent languages will happily return multiple entries in their equivalent to `gethostbyaddr()`. PHP appears to be an unfortunate exception though :( – Alnitak Sep 16 '09 at 05:54
  • 4
    @KPWNIC IMNSHO it would be nice to quote your sources, as most of your answer is copy-pasted from Wikipedia... – Gyom May 27 '11 at 12:49
  • What about having a PTR record for both ipv4 and ipv6? – Alkanshel Jun 25 '14 at 20:55
5

One option you might try is creating an SPF record for the additional domains. In effect this record tells those mail recipients "this server isn't me but IS an authorized sending mail server." I think you will find most big-time mail recipients now will check for SPF records and this would probably be a much less troublesome way to ease your issue.

Charles
4

The other thing which a lot of filters/SMTP servers care about is that the HELO hostname exists in forward/reverse DNS.

So just make sure the reverse DNS entry for the server's IP matches what it says in the SMTP HELO and you should be fine - and ensure that there is a forward lookup.

James
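
Added example, not part of any post in this thread: the forward-confirmed reverse DNS check from the first answer combined with the HELO check from the answer above, run against constructed record tables so it works offline. The function names, the address 192.0.2.3 and the `stale`/`nohost` names are assumptions made for illustration.

```python
import ipaddress

# Constructed records mirroring the layout in the first answer (documentation names only).
A_RECORDS = {
    "www.example.com.": ["192.0.2.1"],
    "www.yourdomain.example.": ["192.0.2.1"],
    "myhost1.yourdomain.example.": ["192.0.2.1"],
    "example.com.": ["192.0.2.2"],
    "stale.yourdomain.example.": ["192.0.2.99"],
}
PTR_RECORDS = {
    "1.2.0.192.in-addr.arpa.": ["myhost1.yourdomain.example."],
    "2.2.0.192.in-addr.arpa.": ["example.com."],
    # Hypothetical address with two PTRs, neither of which points back at it.
    "3.2.0.192.in-addr.arpa.": ["stale.yourdomain.example.",
                                "nohost.yourdomain.example."],
}

def fqdn(name):
    # Normalise case and trailing dot so comparisons are exact.
    return name.rstrip(".").lower() + "."

def ptr_names(ip):
    key = ipaddress.ip_address(ip).reverse_pointer + "."
    return [fqdn(n) for n in PTR_RECORDS.get(key, [])]

def confirmed_names(ip):
    """PTR names whose forward lookup includes ip (forward-confirmed rDNS)."""
    return [n for n in ptr_names(ip) if ip in A_RECORDS.get(n, [])]

def check_sender(ip, helo):
    """Return the inconsistencies a receiving filter may object to; [] means consistent."""
    names, good = ptr_names(ip), confirmed_names(ip)
    findings = []
    if not names:
        findings.append("no PTR record")
    elif not good:
        findings.append("PTR does not resolve back to the IP")
    if len(names) > 1:
        findings.append("multiple PTR records")
    helo = fqdn(helo)
    if ip not in A_RECORDS.get(helo, []):
        findings.append("HELO name has no forward record for the IP")
    if helo not in good:
        findings.append("HELO name does not match a confirmed PTR")
    return findings
```

To run the same logic against live DNS, replace the two dictionaries with lookups from a resolver library; the comparison logic stays the same.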
-4

If you host multiple domains on the same mail server public IP, then you need it; that's what I did. I'm not sure if it's the right way, but it's working.

Alex S.
  • No, the claim "then you need it" is not true. – Håkan Lindqvist Jul 26 '14 at 23:43
  • @Drux The expectation is that the reverse dns entry points back to the name of the mail server, which is not tied to which names it handles mail for. No need to have multiple names just because you handle mail for many domains. – Håkan Lindqvist Jul 31 '18 at 15:43