What is the best practice for reverse DNS resolution when sending email via an ESP?

Key findings

• Shared IP rDNS: For shared IP addresses, the rDNS (PTR record) typically resolves to the ESP's domain, not your sender domain. This is standard practice and generally does not negatively impact deliverability.
• Dedicated IP rDNS: With dedicated IP addresses, some ESPs allow you to customize the rDNS to match your sending domain or a specific subdomain, which can further align your sending identity.
• Reputation Impact: Proper rDNS configuration, whether managed by you or your ESP, contributes significantly to your sender reputation and helps recipient mail servers verify the authenticity of incoming email. This helps avoid your emails ending up on a blacklist or blocklist.
• HELO/EHLO Match: It is best practice for the hostname used in the mail server's HELO/EHLO command to match the rDNS entry of the sending IP address. This consistency reassures recipient servers.

Key considerations

• ESP control: Recognize that your ESP has ultimate control over the rDNS for their IP ranges. Your primary responsibility is to ensure they have correctly configured it, even if it points to their domain.
• Authentication Alignment: While rDNS is important, ensure your SPF, DKIM, and DMARC records are properly configured and aligned with your sending domain, as these are critical for email authentication.
• Monitoring: Regularly monitor your email deliverability and any bounce messages related to rDNS. This can help identify potential issues early on. Mailgun provides additional insights on reverse DNS white labeling and its setup.

Key opinions

• ESP-controlled rDNS: Many marketers note that their ESPs' rDNS resolves to the ESP's own domain, not the client's. This is a widely observed pattern across various providers.
• Non-issue for deliverability: Despite the rDNS pointing to the ESP, marketers generally report that this setup does not cause significant deliverability issues.
• Dedicated IP flexibility: For those with dedicated IPs, some ESPs offer the option to customize the rDNS, providing more control and alignment for the sender's brand.
• Seeking clarity: There's often a quest for clarity on whether an rDNS resolving to the ESP's domain versus the sender's domain is the right practice, highlighting a common point of confusion for those new to email infrastructure.

Key considerations

• Trust ESP defaults: For most marketers using shared IPs, trusting their ESP's default rDNS setup is the pragmatic approach, as it's designed to ensure overall network deliverability. This goes for how you authenticate your email more broadly.
• Focus on reputation factors: Instead of obsessing over rDNS customization on shared IPs, focus on other crucial elements of sender reputation, such as content quality, list hygiene, and proper authentication (SPF, DKIM, DMARC).
• Understand ESP limitations: Marketers should be aware that ESPs manage their IP addresses collectively, and changing rDNS for one client on a shared IP would impact others. Captain Verify notes that it's important to cooperate with a reputable email service that handles these configurations appropriately.

Key opinions

• ESP control on shared IPs: Experts confirm that for shared IPs, the ESP is responsible for setting the rDNS, and it typically resolves to the ESP's domain. This is not problematic for deliverability.
• Match HELO and rDNS: A fundamental best practice, irrespective of ESP usage, is ensuring the sending machine’s HELO hostname matches its reverse DNS entry for consistent authentication.
• Forward and reverse match: It is considered good practice for both forward DNS (A record) and reverse DNS (PTR record) to match, reinforcing the legitimacy of the sending IP.
• Dedicated IP customization: For dedicated IPs, ESPs may allow clients to set their own rDNS, offering an opportunity for closer brand alignment and potentially better domain reputation management.

Key considerations

• Verify ESP setup: Even if an ESP controls rDNS, it’s crucial to verify that it is properly configured and resolves to a valid, responsive hostname, as improper setup can lead to blocklisting or email rejection.
• Understand shared environment: When on shared IPs, accept that the rDNS will likely point to the ESP's infrastructure. Attempting to change this for a single client on a shared IP is not feasible and could disrupt services for others.
• Comprehensive authentication: While rDNS is important, experts emphasize that a holistic approach to email authentication, including robust SPF, DKIM, and DMARC policies, is paramount for deliverability. Word to the Wise offers tools to check reverse DNS records.

Key findings

• PTR Record Function: Documentation clarifies that PTR records facilitate a reverse DNS lookup, translating an IP address back into a domain name. This process is the inverse of how standard A records work.
• Anti-Spam Role: Recipient mail servers frequently use rDNS queries as a crucial anti-spam check, verifying that the sending server’s IP address aligns with its declared hostname. DuoCircle documentation confirms PTR records are part of email authentication.
• Recommended Practice: Having a properly configured reverse DNS for a sending IP is a widely recognized and recommended best practice for mail servers, as outlined by various technical standards and guides.
• Consistency: A key takeaway is the importance of consistency: the IP address's rDNS should match the hostname presented by the mail server in its HELO/EHLO greeting.

Key considerations

• Validation checks: Documentation implies that email servers perform reverse lookups to verify that the corresponding domain name matches the domain in the email, highlighting the validation aspect of rDNS.
• Impact on IPv6: The recommendation for reverse DNS applies equally to IPv6 sending IPs, indicating its universal importance across different IP versions, as stated by RIPE Labs in their discussion on email over IPv6.
• Role with ESPs: While ESPs manage the rDNS, the documentation reinforces that a correctly set rDNS by the ESP is still crucial for your emails to pass deliverability checks by recipient mail servers.