Skip to main content
Home Reverse DNS

Reverse DNS

(also rDNS)

What is reverse DNS?

Reverse DNS is a lookup method in the Domain Name System that determines the host of an IP address. Reverse DNS lookup is the opposite of forward DNS lookup that determines the IP address from a domain name.

See also: DNS query, DNS record, DNS A record, DNS AAAA record, DNS CNAME record, DNS MX record, DNS PTR record, DNS SOA record, DNS SPF record, DNS SRV record, DNS TXT record

How does reverse DNS work?

Reverse DNS (rDNS) works by translating an IP address back into its associated domain name. When a reverse DNS query is initiated, the system formats the IP address in reverse order and appends it with the domain in-addr.arpa for IPv4 addresses (or ip6.arpa for IPv6). The query is sent to a DNS resolver, which then checks the appropriate DNS server for a corresponding PTR (Pointer) record. If a PTR record exists, the DNS server returns the associated domain name; if not, it indicates that the lookup failed. This process is commonly used for purposes like spam filtering, network troubleshooting, and verifying email sender legitimacy.

Reverse DNS examples

If a website has active reverse DNS, you can access it by entering its IP address into the search bar instead of the domain name. So if you entered 173.194.217.103 into your browser’s search bar, you would reach Google.

The importance of reverse DNS in cybersecurity

Reverse DNS plays a critical role in enhancing cybersecurity through various mechanisms:

  • Enhancing email security with reverse DNS: By verifying the domain associated with an IP address, reverse DNS helps ensure that incoming emails are from legitimate sources. This verification process is crucial in maintaining the integrity of email communications.
  • Preventing spam and phishing attacks: Many spam and phishing attempts originate from IP addresses with no valid reverse DNS entries. By blocking these suspicious IPs, organizations can reduce the risk of falling victim to such attacks, thereby protecting sensitive information.
  • Role of reverse DNS in network security: Reverse DNS can help identify potential threats by mapping IP addresses to their corresponding domain names. This identification allows security teams to investigate unusual activity and respond to incidents more effectively.