PTR mechanisms in SPF records

9 October 2015

If PTR mechanisms are detected, the current diagnostic output is:

Warning: PTR mechanisms SHOULD NOT be used and cannot be resolved using this diagnostic tool.

What does the PTR mechanism mean?  When an email receiver gets a piece of email and the PTR mechanism is in the sender’s SPF record, the receiver will look at the incoming IP address and do a “PTR” lookup.  For example, if the sender is sending email from IP address, the receiver will perform a PTR lookup of to attempt to retrieve a hostname.  Lastly, if a hostname is discovered for IP address, then that hostname’s domain is compared to the domain that was originally used to look up the SPF record.

3 important things about the above:

  1. The PTR mechanism has been deprecated.  See the relevant RFC for more info.
  2. The SPF Surveyor cannot resolve PTR mechanisms because a real connection from a real sender is necessary to complete the lookup.
  3. MOST IMPORTANTLY: Some large receivers will skip the mechanism – or worse they’ll skip the entire SPF record – because such mechanisms cannot be easily cached.  Imagine a large receiver doing a PTR lookup for millions of different connections… the size of the local cache explodes.
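
The check described above, as an added example (not the SPF Surveyor's code): it flags `ptr` terms in an SPF record and evaluates one against a connecting IP. It follows the evaluation order in RFC 7208, which also forward-confirms each PTR hostname before comparing domains. The function names, the dictionaries standing in for DNS, and the sample record are assumptions constructed for illustration.

```python
import re

# Matches "ptr" or "ptr:<domain>" with an optional qualifier (+ - ~ ?).
PTR_RE = re.compile(r"^[+\-~?]?ptr(?::(?P<target>\S+))?$", re.IGNORECASE)

def find_ptr_mechanisms(spf_record):
    """Return the ptr terms found in an SPF record string."""
    terms = spf_record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    return [t for t in terms[1:] if PTR_RE.match(t)]

def ptr_matches(client_ip, target_domain, reverse_dns, forward_dns, limit=10):
    """Evaluate one ptr mechanism for a connecting IP.

    reverse_dns maps IP -> list of PTR hostnames; forward_dns maps
    hostname -> list of addresses. Both stand in for live DNS queries,
    which is why a static checker cannot resolve this mechanism.
    """
    target = target_domain.lower().rstrip(".")
    # RFC 7208 caps the number of PTR names considered at 10.
    for name in reverse_dns.get(client_ip, [])[:limit]:
        host = name.lower().rstrip(".")
        # Forward-confirm: the PTR name must resolve back to the client IP,
        # because the owner of the reverse zone can publish any hostname.
        if client_ip not in forward_dns.get(host, []):
            continue
        # Match the target domain itself or any subdomain of it.
        if host == target or host.endswith("." + target):
            return True
    return False

# Constructed sample data (documentation address ranges, example domains).
REVERSE = {"192.0.2.10": ["mail.example.com."],
           "198.51.100.7": ["mail.example.com."]}  # unconfirmed PTR claim
FORWARD = {"mail.example.com": ["192.0.2.10"]}
RECORD = "v=spf1 mx ptr ~ptr:example.net ip4:192.0.2.0/24 -all"

if __name__ == "__main__":
    for term in find_ptr_mechanisms(RECORD):
        print("Warning: PTR mechanism found:", term)
    print(ptr_matches("192.0.2.10", "example.com", REVERSE, FORWARD))
    print(ptr_matches("198.51.100.7", "example.com", REVERSE, FORWARD))
```

Each distinct connecting IP needs its own reverse and forward queries, which is the per-connection cost behind the caching concern in point 3.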