I want to learn how to configure reverse DNS resolution for my SMTP servers using Amazon Route 53 by creating PTR records and setting up delegation.
Resolution
On-premises SMTP servers
If you have an on-premises Simple Mail Transfer Protocol (SMTP) server and you use non-AWS resources, then a third party might own your IP addresses. The third party might be another cloud computing platform or your internet service provider (ISP).
To configure reverse DNS, you must use the method that your IP address owner provides. The IP address owner might require you to create a reverse DNS record and provide only the name servers for delegation.
To configure Route 53 to respond to reverse DNS lookup queries for your server, create a public hosted zone. Then, add a pointer record (PTR) in the hosted zone.
Note: This resolution uses 1.2.3.4 (IPv4) and 2001:db8:: (IPv6) as example IP addresses for the SMTP server.
Create a public hosted zone
Create a public hosted zone for your server's IP address. Example hosted zones include 3.2.1.in-addr.arpa for IPv4 and 8.b.d.0.1.0.0.2.ip6.arpa for IPv6.
Note: If you create a reverse hosted zone for an address range that isn't on an octet boundary, then you must use the zone name that the IP address owner provides for the delegation.
Create a record set and PTR record
Complete the following steps:
- Create a record set for your hosted zone.
- Create a PTR record for your SMTP server.
For Name, enter the reversed IP address plus in-addr.arpa for IPv4 or ip6.arpa for IPv6. For example, 4.3.2.1.in-addr.arpa (IPv4) or 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa (IPv6).
For Type, choose PTR.
For Value, enter the fully qualified domain name (FQDN) of the SMTP server. For example, mail.example.com.
Note: If your domain has multiple IP address blocks, then create additional reverse hosted zones with the corresponding PTR records to resolve the IP addresses.
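As an added example (not AWS's own code), the following Python derives the reverse hosted zone name and the PTR record name for the article's sample addresses, builds the change batch in the shape that `aws route53 change-resource-record-sets --change-batch` accepts, and runs the forward-confirmed reverse DNS check that receiving mail servers apply. The `forward_lookup` callable is an assumed injected resolver so that the check runs offline against constructed data.

```python
import ipaddress


def reverse_zone_name(network: str) -> str:
    """Reverse hosted zone name for a prefix that sits on an octet (IPv4) or
    nibble (IPv6) boundary, e.g. 1.2.3.0/24 -> 3.2.1.in-addr.arpa and
    2001:db8::/32 -> 8.b.d.0.1.0.0.2.ip6.arpa."""
    net = ipaddress.ip_network(network, strict=False)
    if net.version == 4:
        if net.prefixlen % 8:
            # Non-octet boundary: the zone name must come from the IP owner.
            raise ValueError("non-octet boundary range; use the owner-supplied zone name")
        labels = str(net.network_address).split(".")[: net.prefixlen // 8]
        return ".".join(reversed(labels)) + ".in-addr.arpa"
    if net.prefixlen % 4:
        raise ValueError("non-nibble boundary range; use the owner-supplied zone name")
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def ptr_record_name(ip: str) -> str:
    """Name of the PTR record: the fully reversed address plus in-addr.arpa or ip6.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def ptr_change_batch(ip: str, fqdn: str, ttl: int = 300) -> dict:
    """Change batch that creates or updates (UPSERT) the PTR record for one
    SMTP server address, pointing at the server's FQDN."""
    return {
        "Comment": f"PTR record for SMTP server {ip}",
        "Changes": [{
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": ptr_record_name(ip) + ".",
                "Type": "PTR",
                "TTL": ttl,
                "ResourceRecords": [{"Value": fqdn.rstrip(".") + "."}],
            },
        }],
    }


def forward_confirmed(ip: str, ptr_targets: list, forward_lookup) -> bool:
    """Forward-confirmed reverse DNS: at least one PTR target must resolve
    back to the original address. forward_lookup(name) is an assumed
    resolver returning the A/AAAA address strings for name."""
    want = ipaddress.ip_address(ip)
    return any(want in map(ipaddress.ip_address, forward_lookup(n)) for n in ptr_targets)
```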
Set up delegation
After you create the PTR record, ask the IP address owner to set up delegation to the name servers in your reverse hosted zone.
To locate name server details, complete the following steps:
- Open the Route 53 console.
- In the navigation pane, choose Hosted zones.
- Select your hosted zone.
- For Type, choose NS.
- Note the record's value.
Note: The time for the new configuration to take effect depends on the time to live (TTL) of the previous name server records, because resolvers that serve end users might still have those records cached.
SMTP servers that are hosted in Amazon VPC
The following resolution applies to an SMTP server that's hosted in Amazon Virtual Private Cloud (Amazon VPC) and that uses AWS-provided Elastic IP addresses.
Complete the following steps:
- Create a forward DNS record (record type A) that points to the appropriate Elastic IP address.
- Create or update the reverse DNS record for the Elastic IP address:
For AWS Elastic IP addresses in all AWS Regions, use the Amazon Elastic Compute Cloud (Amazon EC2) console or the AWS Command Line Interface (AWS CLI). For IPv4 addresses, manage reverse DNS for AWS Elastic IP addresses. For IPv6 addresses, open a request to remove reverse DNS and email sending limitations, and include your IPv6 addresses and reverse DNS records with the request.
Related information
Why can't my server receive email after I created an MX record for my SMTP server in Route 53?