335:: checking the domain names in the rDNS to see if they are likely from dialup users, or dynamically assigned addresses unlikely to be used by legitimate mail servers. Owners of such IP addresses typically assign them generic rDNS names such as "1-2-3-4-dynamic-ip.example.com." Some anti-spam filters assume that email that originates from such addresses is likely to be spam, and may refuse connection.
268:— i.e. multiple hostnames then resolve to a single address, and multiple hostnames will be returned for a PTR lookup for that shared address. However, DNS lookups typically occur over UDP, and since UDP has a limited message size, in extreme cases, multiple PTRs could cause a DNS response to exceed those UDP limits.
160:
and converting each octet into a decimal number. These decimal numbers are then concatenated in the order: least significant octet first (leftmost), to most significant octet last (rightmost). It is important to note that this is the reverse order to the usual dotted-decimal convention for writing
211:
Historically, Internet registries and
Internet service providers allocated IP addresses in blocks of 256 (for Class C) or larger octet-based blocks for classes B and A. By definition, each block fell upon an octet boundary. The structure of the reverse DNS domain was based on this definition.
342:(FCrDNS) verification can create a form of authentication showing a valid relationship between the owner of a domain name and the owner of the server that has been given an IP address. While not very thorough, this validation is strong enough to often be used for
361:
System logging or monitoring tools often receive entries with the relevant devices specified only by IP addresses. To provide more human-usable data, these programs often perform a reverse lookup before writing the log, thus writing a name rather than the IP
216:, IP addresses were allocated in much smaller blocks, and hence the original design of pointer records was impractical, since autonomy of administration of smaller blocks could not be granted. RFC 2317 devised a methodology to address this problem by using
111:. Since no name server knows about all of the domain namespace, the response can never be assumed to be complete. Thus inverse queries are primarily useful for database management and debugging activities. Inverse queries are
403:
A reverse DNS lookup is a DNS query for the domain name associated with a given IP address. This accomplishes the opposite of the more-commonly-used forward DNS lookup, in which the DNS is queried to return an IP
74:
Although the informational RFC 1912 (Section 2.1) recommends that "every
Internet-reachable host should have a name" and that "for every IP address, there should be a matching PTR record," it is not an
292:
uses specially-named records in the reverse DNS tree to provide hints to clients about subnet-specific service discovery domains. Less standardized usages include comments placed in
152:. In this domain, an IPv4 address is represented as a concatenated sequence of four decimal numbers, separated by dots, to which is appended the second level domain suffix
264:
While most rDNS entries only have one PTR record, DNS does not restrict the number. Multiple PTR records are used, for example, when a web server supports many
20:
123:
The IQUERY message type was always "optional" and "never achieved widespread use"; it was "permanently retired" in 2002 with the adoption of
63:– the reverse of the usual "forward" DNS lookup of an IP address from a domain name. The process of reverse resolving of an IP address uses
380:
244:
in reverse order, represented as hexadecimal digits as subdomains. For example, the pointer domain name corresponding to the IPv6 address
332:
107:(TTL) are not significant. The response carries questions in the question section which identify all names possessing the query RR
276:
Record types other than PTR records may also appear in the reverse DNS tree. For example, encryption keys may be placed there for
605:
67:. rDNS involves searching domain name registry and registrar tables. The reverse DNS database of the Internet is rooted in the
87:
The modern "reverse DNS lookup" should not be confused with the now-obsolete "inverse query" (IQUERY) mechanism specified in
573:
289:
103:(RR) in the answer section of the message, with an empty question section. The owner name of the query RR and its
213:
339:
200:
27:
610:
317:
390:
285:
531:
503:
485:
8:
156:. The four decimal numbers are obtained by splitting the 32-bit IPv4 address into four
52:
523:
347:
157:
76:
513:
475:
124:
88:
36:
355:
100:
534:
488:
465:
128:
92:
325:
599:
527:
577:
281:
265:
217:
104:
56:
312:
The original use of the rDNS: network troubleshooting via tools such as
254:
b.a.9.8.7.6.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa
385:
313:
297:
293:
64:
60:
443:
419:
115:
an acceptable method of mapping host addresses to host names; use the
518:
480:
343:
240:). An IPv6 address appears as a name in this domain as a sequence of
549:"FAQs | Deliverability, DNSBLs, Malware & reputation data"
351:
184:
548:
241:
19:"RDNS" redirects here. For nursing services in Australia, see
277:
68:
420:"RFC 1035 — Domain names - implementation and specification"
79:
requirement, and not all IP addresses have a reverse entry.
509:
471:
321:
229:
145:
354:
usually cannot achieve forward validation when they use
300:
to identify the geophysical location of an IP address.
501:
164:
For example, to do a reverse lookup of the IP address
308:The most common uses of the reverse DNS include:
271:
16:Finding a domain name associated to an IP address
597:
324:e-mail, web sites tracking users (especially on
373:
206:
320:, and the "Received:" trace header field for
433:
409:
259:
502:S. Cheshire; M. Krochmal (February 2013).
438:
436:
414:
412:
223:
176:would be looked up, and found to point to
139:
99:Inverse queries take the form of a single
517:
479:
463:
134:
598:
495:
457:
172:the PTR record for the domain name
82:
51:) is the querying technique of the
13:
212:However, with the introduction of
14:
622:
232:addresses use the special domain
148:addresses use the special domain
161:IPv4 addresses in textual form.
566:
541:
444:"RFC 3425 — Obsoleting IQUERY"
272:Records other than PTR records
214:Classless Inter-Domain Routing
21:Royal District Nursing Service
1:
606:Information retrieval systems
366:
340:forward-confirmed reverse DNS
207:Classless reverse DNS method
199:then it would be said to be
28:Reverse domain name notation
7:
505:DNS-Based Service Discovery
290:DNS-Based Service Discovery
109:which the name server knows
10:
627:
333:e-mail anti-spam technique
25:
18:
574:"reference page from AOL"
464:G. Huston (August 2005).
470:. Network Working Group
467:Deprecation of "ip6.int"
358:to forge domain records.
260:Multiple pointer records
228:Reverse DNS lookups for
191:in turn pointed back to
144:Reverse DNS lookups for
26:Not to be confused with
303:
224:IPv6 reverse resolution
140:IPv4 reverse resolution
55:(DNS) to determine the
135:Implementation details
121:
45:reverse DNS resolution
97:
580:on December 10, 2006
553:The Spamhaus Project
174:4.4.8.8.in-addr.arpa
59:associated with an
611:Domain Name System
248:2001:db8::567:89ab
71:top-level domain.
53:Domain Name System
41:reverse DNS lookup
201:forward-confirmed
77:Internet Standard
37:computer networks
618:
590:
589:
587:
585:
576:. Archived from
570:
564:
563:
561:
559:
545:
539:
538:
521:
519:10.17487/RFC6763
512:. sec. 11.
499:
493:
492:
483:
481:10.17487/RFC4159
461:
455:
454:
452:
451:
440:
431:
430:
428:
427:
416:
407:
406:
400:
398:
393:on 30 March 2019
389:. Archived from
377:
356:zombie computers
346:purposes, since
255:
250:
249:
239:
235:
197:
196:
190:
179:
175:
170:
169:
155:
151:
118:
83:Historical usage
626:
625:
621:
620:
619:
617:
616:
615:
596:
595:
594:
593:
583:
581:
572:
571:
567:
557:
555:
547:
546:
542:
500:
496:
484:. BCP 109.
462:
458:
449:
447:
446:. November 2002
442:
441:
434:
425:
423:
422:. November 1987
418:
417:
410:
396:
394:
379:
378:
374:
369:
326:Internet forums
306:
274:
262:
253:
247:
246:
237:
233:
226:
209:
194:
193:
188:
177:
173:
167:
166:
153:
149:
142:
137:
119:domain instead.
116:
101:resource record
85:
31:
24:
17:
12:
11:
5:
624:
614:
613:
608:
592:
591:
565:
540:
494:
456:
432:
408:
371:
370:
368:
365:
364:
363:
359:
336:
329:
305:
302:
273:
270:
261:
258:
225:
222:
208:
205:
141:
138:
136:
133:
84:
81:
15:
9:
6:
4:
3:
2:
623:
612:
609:
607:
604:
603:
601:
579:
575:
569:
554:
550:
544:
536:
533:
529:
525:
520:
515:
511:
507:
506:
498:
490:
487:
482:
477:
473:
469:
468:
460:
445:
439:
437:
421:
415:
413:
405:
392:
388:
387:
382:
381:"Reverse DNS"
376:
372:
360:
357:
353:
349:
345:
341:
337:
334:
330:
327:
323:
319:
315:
311:
310:
309:
301:
299:
295:
291:
287:
283:
279:
269:
267:
266:virtual hosts
257:
251:
243:
231:
221:
219:
218:CNAME records
215:
204:
202:
198:
186:
181:
171:
162:
159:
154:.in-addr.arpa
147:
132:
130:
126:
120:
114:
110:
106:
102:
96:
94:
90:
80:
78:
72:
70:
66:
62:
58:
54:
50:
46:
42:
38:
33:
29:
22:
582:. Retrieved
578:the original
568:
556:. Retrieved
552:
543:
504:
497:
466:
459:
448:. Retrieved
424:. Retrieved
402:
395:. Retrieved
391:the original
384:
375:
344:whitelisting
307:
275:
263:
245:
236:(previously
227:
210:
192:
182:
165:
163:
150:in-addr.arpa
143:
122:
117:in-addr.arpa
112:
108:
105:time to live
98:
86:
73:
48:
44:
40:
34:
32:
298:LOC records
294:TXT records
65:PTR records
57:domain name
600:Categories
450:2017-12-28
426:2017-12-28
386:Cloudflare
367:References
314:traceroute
189:dns.google
178:dns.google
61:IP address
528:2070-1721
404:address.
362:address.
352:phishers
348:spammers
234:ip6.arpa
185:A record
584:May 28,
558:May 28,
397:25 July
328:), etc.
242:nibbles
238:ip6.int
195:8.8.4.4
183:If the
168:8.8.4.4
526:
158:octets
127:
91:
278:IPsec
69:.arpa
586:2024
560:2024
535:6763
524:ISSN
510:IETF
489:4159
472:IETF
399:2019
350:and
331:One
322:SMTP
318:ping
304:Uses
296:and
284:and
230:IPv6
187:for
146:IPv4
129:3425
93:1035
49:rDNS
39:, a
532:RFC
514:doi
486:RFC
476:doi
286:IKE
282:SSH
252:is
125:RFC
113:not
89:RFC
43:or
35:In
602::
551:.
530:.
522:.
508:.
474:.
435:^
411:^
401:.
383:.
338:A
316:,
288:.
280:,
256:.
220:.
203:.
180:.
131:.
95::
588:.
562:.
537:.
516::
491:.
478::
453:.
429:.
47:(
30:.
23:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.