Create a reverse DNS record for email on Amazon EC2 - Amazon Elastic Compute Cloud

If you intend to send email to third parties from an EC2 instance, we recommend that you provision one or more Elastic IP addresses and assign static reverse DNS records to the Elastic IP addresses that you use to send email. This can help you avoid having your email flagged as spam by some anti-spam organizations. AWS works with ISPs and internet anti-spam organizations to reduce the chance that your email sent from these addresses will be flagged as spam.

Considerations
  • Before you create a reverse DNS record, you must set a corresponding forward DNS record (record type A) that points to your Elastic IP address.

  • If a reverse DNS record is associated with an Elastic IP address, the Elastic IP address is locked to your account and cannot be released from your account until the record is removed.

  • If you contacted AWS Support to set up reverse DNS for an Elastic IP address, you can remove the reverse DNS, but you can't release the Elastic IP address because it is locked by AWS Support. To unlock the Elastic IP address, contact AWS Support. After the Elastic IP address is unlocked, you can release it.

  • [AWS GovCloud (US) Region] You can't create a reverse DNS record. AWS must assign the static reverse DNS records for you. Open Request to remove reverse DNS and email sending limitations and provide us with your Elastic IP addresses and reverse DNS records.

Create a reverse DNS record

You can create a reverse DNS record for your Elastic IP address as follows.

Console
  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

  2. In the navigation pane, choose Elastic IPs.

  3. Select the Elastic IP address and choose Actions, Update reverse DNS.

  4. For Reverse DNS domain name, enter the domain name.

  5. Enter update to confirm.

  6. Choose Update.

AWS CLI

Use the modify-address-attribute command in the AWS CLI, as shown in the following example.

aws ec2 modify-address-attribute --allocation-id eipalloc-abcdef01234567890 --domain-name example.com

The following is example output.

{
    "Addresses": [
        {
            "PublicIp": "192.0.2.0",
            "AllocationId": "eipalloc-abcdef01234567890",
            "PtrRecord": "example.net.",
            "PtrRecordUpdate": {
                "Value": "example.com.",
                "Status": "PENDING"
            }
        }
    ]
}
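The following added example (not part of the original AWS documentation) checks the forward-record precondition from the Considerations list, classifies the command output for one allocation ID, and confirms that forward and reverse DNS agree once the update completes. The function names, the injectable lookup parameters, and the sample output are assumptions constructed for illustration.

```python
import json
import socket

# Constructed sample shaped like the modify-address-attribute output on this page.
SAMPLE_OUTPUT = """{"Addresses": [{"PublicIp": "192.0.2.0",
  "AllocationId": "eipalloc-abcdef01234567890", "PtrRecord": "example.net.",
  "PtrRecordUpdate": {"Value": "example.com.", "Status": "PENDING"}}]}"""

def _norm(name):
    """DNS names compare case-insensitively, ignoring the trailing root dot."""
    return name.rstrip(".").lower()

def resolve_a(name):
    """Forward lookup with the system resolver; returns a set of IPv4 strings."""
    try:
        return {i[4][0] for i in socket.getaddrinfo(name, None, socket.AF_INET)}
    except socket.gaierror:
        return set()

def resolve_ptr(ip):
    """Reverse lookup with the system resolver; returns the PTR name or ''."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return ""

def forward_record_ready(domain, elastic_ip, a_lookup=resolve_a):
    """Precondition: the A record for domain must point to the Elastic IP."""
    return elastic_ip in a_lookup(domain)

def ptr_update_state(cli_output, allocation_id, domain):
    """Return 'active', the reported update status (e.g. 'PENDING'),
    'mismatch', or 'missing' for the given allocation ID and domain."""
    for addr in json.loads(cli_output).get("Addresses", []):
        if addr.get("AllocationId") != allocation_id:
            continue
        if _norm(addr.get("PtrRecord", "")) == _norm(domain):
            return "active"
        update = addr.get("PtrRecordUpdate", {})
        if _norm(update.get("Value", "")) == _norm(domain):
            return update.get("Status", "mismatch")
        return "mismatch"
    return "missing"

def forward_confirmed(elastic_ip, domain, a_lookup=resolve_a, ptr_lookup=resolve_ptr):
    """After the update completes: PTR names the domain and the domain resolves back."""
    return (_norm(ptr_lookup(elastic_ip)) == _norm(domain)
            and elastic_ip in a_lookup(domain))
```

Run forward_record_ready before the modify-address-attribute call, and forward_confirmed after the update is no longer pending; the default lookups use the system resolver, so results depend on DNS propagation.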

Remove a reverse DNS record

You can remove a reverse DNS record from your Elastic IP address as follows.

If you receive the following error, you can submit a Request to remove email sending limitations to AWS Support for assistance.

The address cannot be released because it is locked to your account.

Console
  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

  2. In the navigation pane, choose Elastic IPs.

  3. Select the Elastic IP address and choose Actions, Update reverse DNS.

  4. For Reverse DNS domain name, clear the domain name.

  5. Enter update to confirm.

  6. Choose Update.

AWS CLI

Use the reset-address-attribute command in the AWS CLI, as shown in the following example.

aws ec2 reset-address-attribute --allocation-id eipalloc-abcdef01234567890 --attribute domain-name

The following is example output.

{
    "Addresses": [
        {
            "PublicIp": "192.0.2.0",
            "AllocationId": "eipalloc-abcdef01234567890",
            "PtrRecord": "example.com.",
            "PtrRecordUpdate": {
                "Value": "example.net.",
                "Status": "PENDING"
            }
        }
    ]
}