4

I've found several threads related to this, but they are all very dated so I want to get some clarification.

I use an AWS EC2 instance with an Elastic IP. I've set up an SMTP (send-only) mail server using Postfix on Ubuntu 18.04, and I manage my DNS through domains.google. I'm setting up all my MX, SPF, DMARC/DKIM records, but I'm confused about how to set up my PTR record.

When I select "PTR", it asks for a host-name and a data-field. Here is my confusion:

The PTR record is considered a reverse-DNS, no? Shouldn't it be an IP address which points to my smtp.mydomain.com? When I type the IP address in the host-name field, it appends .mydomain.com so it looks something like:

###.###.###.###.mydomain.com -> smtp.mydomain.com

Should it not just be:

###.###.###.### -> smtp.mydomain.com?

David N

3 Answers

6

PTR is managed by the owner of the IP. You will need to talk with Amazon about it. The public IPv4 address you are using needs to be an Elastic IP though.

https://aws.amazon.com/blogs/aws/reverse-dns-for-ec2s-elastic-ip-addresses/

Ackack
  • I’ll also point out that AWS blocks port 25 outbound as well, without making a request to support to remove the restriction. – Appleoddity Mar 07 '22 at 06:48

3

Reverse DNS uses PTR records, but they are not in the zone for your domain, but in the zone matching your IP.

If your IP address is 192.0.2.1, then the PTR record is at the address 1.2.0.192.in-addr.arpa, and its value is the name you want to come back when someone does a reverse lookup for that address (e.g. smtp.example.org).

Having a PTR record inside your example.org zone does not serve any useful purpose (at least when it comes to reverse DNS).

Since the zone which holds your PTR record is shared with the many other people having an IP in the same /24, you can't edit the PTR directly in that zone. But your ISP can provide a way to provide the name you want to see returned, and they will put it in the relevant zone. See tilleyc's answer for details in the case of Amazon.

jcaron
0

The answers are as Tilleyc and jcaron emphasized.

rDNS records are managed through the IP provider. In this case, through AWS. Navigate to EC2 dashboard, to Elastic IP, select & configure reverse DNS. Worked like a charm. My mail-tester is reporting 9/10 now; I just have to configure DKIM correctly, but that is unrelated to PTR records!

David N