rDNS: Great way to build trust in your services
Oct 11 2022
Wouldn't it be great if you could show everybody that you are the true owner of a domain, that the domain is safe, and that all the services running on it are legit? Yes! And there is an excellent way to do it: by using PTR records inside an rDNS zone. How? Let's find out!
Why do you need to build trust in your services?
You need to build trust because there are too many fake, hijacked, or hacked services, so you need to prove that yours are genuine. If you can show that your service is legit and that the IP address people get from your domain matches the reverse check, then people can trust you.
How does the rDNS enter the trust equation?
rDNS stands for reverse DNS. You can create a special DNS zone called an rDNS zone (reverse DNS zone). It is the part of a DNS service that makes rDNS lookups (reverse DNS lookups) possible. The difference from a typical lookup is that instead of inputting the domain and asking for its IP address, you input the IP address and trace it back to the domain name.
If you set up Reverse DNS, you can provide a verification method for your users and other services, so they can check if the IP address is really a part of the domain.
How can somebody or some device check rDNS?
Many devices can perform rDNS lookups independently, but people can also do it if they want. That way, they can check if an IP address truly belongs to the domain name. You can also do it just to check if you have set it up correctly.
Just open the Command Prompt (Windows) or Terminal (Linux and macOS), type the following command, and press Enter: nslookup 1.1.1.1
*Replace 1.1.1.1 with the IP address you want to check.
What do you need to start using rDNS to build trust?
To start building trust with rDNS, follow these steps:
- Manage your domain/hostname. You can either have your own server and manage it or use a managed DNS service.
- Create a Primary forward DNS zone, and add A or AAAA records to it. This will be needed for the forward DNS queries.
- Create a Primary rDNS zone (reverse DNS zone). This will be the environment for the PTR records that can resolve IP addresses to domain names.
- Inside the rDNS zone, create a PTR record by adding the IP address and pointing it to the domain name.
- You have completed the Reverse DNS setup, and now your services are more trustworthy.
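Once both zones exist, the check a remote service typically runs is the reverse lookup followed by a forward lookup of the returned name, accepting only if it leads back to the same IP. The sketch below is an added example, not code from this article; it goes one step beyond the nslookup check by also confirming the forward direction, and the host names and 192.0.2.x addresses are constructed sample data.

```python
import ipaddress
import socket


def ptr_names(ip):
    """Reverse lookup: return the host names the PTR record(s) give for ip."""
    try:
        primary, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []  # no PTR record published for this address
    return [primary, *aliases]


def forward_addrs(name):
    """Forward lookup: return every A/AAAA address published for name."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return []
    return [info[4][0] for info in infos]


def check_rdns(ip, reverse=ptr_names, forward=forward_addrs):
    """Compare ip's PTR name(s) with their A/AAAA records (parsed, not as text)."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    result = {"ip": str(addr), "ptr_query": addr.reverse_pointer,
              "names": [], "confirmed": []}
    for name in reverse(str(addr)):
        name = name.rstrip(".").lower()
        result["names"].append(name)
        for candidate in forward(name):
            try:
                if ipaddress.ip_address(candidate.split("%")[0]) == addr:
                    result["confirmed"].append(name)
                    break
            except ValueError:
                continue
    result["status"] = ("match" if result["confirmed"]
                        else "mismatch" if result["names"] else "no-ptr")
    return result


# Constructed sample zone data (documentation address range, not real hosts).
SAMPLE_PTR = {"192.0.2.10": ["mail.example.com."], "192.0.2.20": ["web.example.com."]}
SAMPLE_A = {"mail.example.com": ["192.0.2.10"], "web.example.com": ["192.0.2.99"]}

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "192.0.2.30"):
        print(check_rdns(ip, lambda i: SAMPLE_PTR.get(i, []), lambda n: SAMPLE_A.get(n, [])))
```

Calling check_rdns with only an IP address uses the system resolver instead of the sample data; a "mismatch" or "no-ptr" status means the PTR record and the A/AAAA records do not agree yet.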
Conclusion
Building trust in your services is not easy, but each additional security step brings you closer to the desired outcome. Using rDNS is a great way to do it, especially if you run a mail server. The TXT records for SPF, DKIM, and DMARC might not be enough, and you will need the PTR records of rDNS too.