1

Can I have 2 IPs with the same PTR Record?

For example:

122.122.122.1 with PTR Record mail.example.com.

122.122.122.2 with PTR Record mail.example.com.

Each IP address is with a different ISP. The reason for this is that I'm running an email server with one IP, but here in my country the internet service providers sometimes go down and stay down for about 1-2 days, so the plan is: when one ISP goes down, I can use the IP from the other ISP by changing the “A” record to point to the other IP.

Is it possible to have the same PTR record on two different IPs?

diya

2 Answers

3

Technically you can use any hostname on a reverse DNS record, even hostnames/domains that you don't own and operate.

So in that regard there is no real obstacle.

But:

Generally it is considered a configuration error when forward and reverse DNS records don't match. See for example https://www.rfc-editor.org/rfc/rfc1912.html#section-2.1

And your mileage may vary a bit when you make the forward record for mail.example.com. a round-robin one pointing to both IP addresses.

To prevent spammers from assigning reverse DNS records from domains they don't own (to appear trusted), many spam filters will do two lookups:

  • a reverse DNS lookup of the IP-address from the remote SMTP server
  • a second lookup to see if the forward DNS record (the A record in the case of an IPv4 address, an AAAA record in the case of an IPv6 address) matches the reverse DNS record on that IP address

When the two don't correlate - the spam score is increased and/or the message rejected.

It wouldn't surprise me if some spam filters don't handle round-robin forward DNS records properly, and then part of your mail will be considered spam.

diya
  • Hi, thanks for your answer. – Jorge Enrique Garzon Sep 13 '22 at 14:21
  • But what if I only use one IP as the A record at a time? I won't use both IPs at the same time. – Jorge Enrique Garzon Sep 13 '22 at 14:22
  • Those are different records. Even if the name under the PTR has only one A record. For example, the second might be the one left after an IP address change; you don't own that address anymore and you don't care where its reverse record is pointing. The reverse record is the problem of the IP owner, not the name owner. All in all, I don't get why you are so concerned and what the motivation was to write the question, because apparently you had no business problem that might be caused by this, as there couldn't be any problems caused by this. – Nikita Kipriyanov Oct 15 '22 at 11:03
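The two-lookup check described in the answer above (forward-confirmed reverse DNS), as an added example that is not part of the original answer or any spam filter's own code. It uses constructed, dict-backed records for the question's two IPs instead of live DNS; `fcrdns`, `scenario` and the `first_only` switch (a hypothetical filter that compares only the first returned address) are illustrative names.

```python
import ipaddress

def fcrdns(client_ip, ptr_lookup, addr_lookup, first_only=False):
    """Forward-confirmed reverse DNS: PTR of client_ip, then A/AAAA of each PTR name.

    ptr_lookup(ip) -> list of hostnames, addr_lookup(name) -> list of IP strings.
    first_only=True models a hypothetical filter that compares only the first
    address returned (the round-robin concern raised in the answer).
    Returns (passed, reason).
    """
    ip = ipaddress.ip_address(client_ip)
    names = ptr_lookup(client_ip)
    if not names:
        return False, "no PTR record"
    for name in names:
        addrs = addr_lookup(name.rstrip(".").lower())
        if first_only:
            addrs = addrs[:1]
        if any(ipaddress.ip_address(a) == ip for a in addrs):
            return True, f"{name} resolves back to {client_ip}"
    return False, f"PTR {names} does not resolve back to {client_ip}"

# Constructed records mirroring the question: both IPs carry the same PTR.
PTR = {"122.122.122.1": ["mail.example.com."],
       "122.122.122.2": ["mail.example.com."]}

def make_resolvers(a_records):
    """Build dict-backed lookups so the example runs offline."""
    return (lambda ip: PTR.get(ip, []),
            lambda name: a_records.get(name, []))

def scenario(a_records, first_only=False):
    """Map each sending IP to whether it passes the check for this A-record set."""
    ptr, fwd = make_resolvers(a_records)
    return {ip: fcrdns(ip, ptr, fwd, first_only)[0] for ip in PTR}

if __name__ == "__main__":
    single = {"mail.example.com": ["122.122.122.1"]}
    both = {"mail.example.com": ["122.122.122.1", "122.122.122.2"]}
    print("A -> .1 only             :", scenario(single))
    print("A -> both                :", scenario(both))
    print("A -> both, first-only cmp:", scenario(both, first_only=True))
```

With the A record on one address only, mail sent from the other address fails the check until the A record is switched and cached copies expire.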
0

Yes, you can set 2 different reverse PTR records with the same hostname.

They are not correlated against the A records. No DNS will disagree. As pointed out, a remote mail server may check the PTR records against the A record.

If the PTR records are set on a local DNS, this, however, won't resolve the problem with checks if the zone is not delegated (with CNAMEs, the whole zone etc). The remote mail server won't see any locally added PTR records that are not delegated. They will ask for the PTR record that is registered at some registrar owning the addresses.

Joppe
  • *They are not checked against the A records.* Not necessarily, but possibly. Forward-confirmed reverse DNS (FCrDNS) as spoofing mitigation does recheck PTR against A. – Zac67 Oct 13 '22 at 08:49
  • I would suggest that regardless which server the mail is sent from, that is the record that will be checked. So in that perspective it should not matter - the correct reverse record will be sent. The mail server checking won't know of the other RR and have no reason to check for an address not in use. – Joppe Oct 15 '22 at 01:34