-   Linux - Networking (
-   -   multiple ptr records same ip address (

jdappert 12-11-2008 03:05 PM

multiple ptr records same ip address
I have a mailserver hosting a number of domains. recently we moved the machine to a new network. I have been setting up the dns records and realized it might not be best practice to have multiple ptr records for one machine. Does anyone know what would be the best solution?

acid_kewpie 12-12-2008 08:18 AM

Well the PTR should really point to a *machine* name, not a service name etc. Other way round, I'd also tend to only have a single A record of the machine name, with all service names being CNAME's to that single A.

jdappert 12-12-2008 10:37 AM

Ive read most reverse dns lookups only take the first ptr entrie or a random entrie. I'm guessing best practice is to have 1 PTR entry for the real hostname of the machine sending mail.

Interesting concept for your multiple CNAMES instead of a bunch of A records. Dunno if I want to implement it though.


ACDII 02-23-2011 08:26 AM

I know this is an old thread, but recently had a customer request multiple PTR names for a single IP, and they keep coming back asking, is it done, is it done? Like the kid in the back seat, are we there yet? They keep doing an nslookup on the IP and it keeps coming back with only one name. Well, duh, thats how it works.

To answer this correctly after doing hours of research and finding the correct answer, I thought I would share.

The correct method of doing a PTR record for a mail server with multiple domains using one single IP, IE a hosted mail server, use the servers host name for the PTR record. What you can do to verify my answer, send an email from each domain off that server to an account you have access to and look at the headers. You will find that the received from server name will all be the same, the servers name. When a receiving server looks at an email it will be looking at the headers, and will run a PTR check against the name found in the header, in most case, all the server needs to allow it through is for a name to come back, regardless if it matches or not. For servers that have strict anti-spam filters, it does an actual name match, PTR to server name, and if it isn't and exact match, will reject it. It gets that name from the headers. Check it out, look at the headers of some emails you have, chances are the server name matches the forward lookup for most emails, but you will find a few that don't.

All times are GMT -5. The time now is 06:17 PM.