Enable reverse DNS lookup in Messaging Gateway
search cancel

Enable reverse DNS lookup in Messaging Gateway


Article ID: 177253


Updated On:


Messaging Gateway


Reverse DNS is not enabled in the Symantec Messaging Gateway (SMG).



Messaging Gateway


  • Enable reverse DNS lookup causes the inbound Mail Transfer Agent (MTA) of a SMG scanner to lookup a PTR record resource. If the IP address cannot be resolved via reverse DNS, the SMG drops the connection.
  • Enable reverse DNS lookup is enabled by default on Brightmail Gateway Appliance software version 8.0.x/Messaging Gateway 9.x and later.


For versions of SMG before 9.5.x, mail flow is not affected if the lookup passes or fails.
Since SMG 9.5.x, DNS Validation has been introduced. Administrators can specify an action for failed reverse lookup.

To find these settings:

  • In the GUI, go to the Protocols tab.
  • Under Settings, select SMTP
  • The four options for DNS validation are at the bottom of the page.

Technical Information
Unchecking "Enable reverse DNS Lookup" results in the MTA ceasing to perform reverse DNS lookups for each connection. This results in a nominal performance gain in most environments, but may result in a more pronounced performance gain in environments which have communications issues between the scanner and the name server which services the DNS lookup requests.