PTR record(or pointer recored, or RDNS record) is a DNS record in a DNS zone file. It maps an ip address to a host name or a domain name. It is used by mail servers to fight spammers. It is the core of the iprev authentication method.
How does iprev work?
The mta looks up the ip gotten from the connection information for its PTR record, which is called reverse DNS lookup. It will get the domain name corresponding to the ip. Then the mta looks up the retrieved domain name for its ip address, which is called forward DNS lookup. If the result of the forward DNS lookup matches the connection ip, the result of iprev test is “pass”.
What is the difference between iprev and spf?
There is confusion between SPF and iprev check because both involve ip and domain name. However, the domain name involved in SPF are gotten from the envelop MAIL FROM or the EHLO domain, while the domain name in iprev is gotten by reverse DNS lookup. The ips involved in SPF and iprev are the same, both gotten from the TCP connection information. In SPF, only normal forward DNS lookup is executed. The forward DNS lookup is used to fetch the SPF record for the domain name. In iprev, both forward DNS lookup(for A record) and Reverse DNS lookup(for PTR record) are done.
Other aspects about iprev
Some mail servers use reverse DNS lookup for other authentication aims. For example, if they find the host name in the PTR record contains some pattern for shared ips/broadband family ips, they may reject the connection from mua as they category it as a spammer. But this is not a part of the standard iprev test method.