ATT Residential Reverse DNS Records (how to and rant)
Posted by annie_444@reddit | sysadmin | View on Reddit | 26 comments
Overview:
I’ve spent the past week scouring the internet for any information on how to setup reverse DNS records for my ATT residential account. I pay for a static IP block, so one would think that this is not an insane request. Well, this request sure about drove me insane. However, I’ve come to share my knowledge so you don’t have to waste your time like I did.
TL;DR:
Scroll to the bottom for instructions.
Storytime (i.e., rant):
After a quick search, you’ll find many results pertaining to ATT reverse DNS records; however, none of the given instructions are accurate. The most recent information I was able to find was on the LinuxExchange boards, and that was from 2017. So I decided I should just give ATT a call. My hope was high since when I called requesting a static IP block, I could rant with the rep about some pretty high level stuff. I was confident in ATT’s customer service representative training. However, that confidence was misplaced.
After calling the customer service line on their website, I was placed on hold for over a half an hour before being transferred to a technical support representative. However, the tech that I spoke with had no clue what I was talking about. Hope wasn’t lost, though, because he gave me the number of ATT’s security support office and assured me that they would be able to handle my request.
So I called the security line, and they were confused as to how I got their number as a residential customer. The representative I spoke with told me that they only served enterprise customers, not even normal business customers, let alone residential customers. So he gave me the number for ATT’s “premium” customer support line.
At this point I thought I was getting somewhere. It’s premium support, after all! But when I called the number, something seemed off. No automated “para español oprime dos,” no AI trying to figure out what I need… It was just hold music immediately. This isn’t unheard of; it’s just strange for an international telecommunications company. But then suddenly a recorded voice says, “Your account balance is $10,250.75. If you would like to make a payment, please press one.”… At this point it was screaming scam, especially since I’ve only been an ATT customer for 6 months and my internet is not that expensive. $600? Believable. $10,000!? Scam.
At this point all hope was lost. However, this morning I decided to give the customer service number (the first number I called) another try. This time, I wasn’t going to assume competency and just tell them what I needed them to do. A sweet southern woman answered the phone, and I asked to be transferred to technical support. Once transferred, I asked to be sent to the technical support manager. Once I was on the phone with the technical support manager, I finally explained what it was I was looking for. He ended up putting me on hold, but he seemed to know what I was talking about at first. However, 20 minutes later he picked up the line and asked, “You want… your DNS to be… reversed?” All hope was lost.
I decided it was time to weaponize my womanhood, and I went full Karen. I hate doing it, but at this point I was out of options. After slowly explaining to them what I was asking for, like I was explaining it to a five-year-old, I was placed on hold again. This time I was on hold for over an hour. But I was patient. I figured the tech had sought someone who knew what I was talking about. And my patience paid off! When he picked back up, he told me exactly what to do to configure reverse DNS records.
How to get Reverse DNS Records for ATT Static IP Addresses:
Note: This is how I did it in September 2025.
Note: I recommend just configuring NS records to your preferred name server(s), that way you don’t have to go through this process ever again.
- Identify the IP(s) and subnet(s) you want to set up records for.
- Identify the target name server(s) you want your IP address(es) and subnet(s) to point to.
- The Email. Note, there are some instructions online that tell you to include more/different information than what I’ve listed here. However, let this serve as a warning: do not include anything besides what I’ve listed here. If you include any more information, you’ll be in a week long email chain because the ATT DNS technicians don’t know what they’re doing.
- I’ve listed all the emails that are actively taking DNS requests. Each email address is technically delegated to separate divisions within ATT, but in my experience it’s better to include them all so the technicians from one division can help out the other ones if anyone gets confused (which is very likely in my experience.)
- I recommend including the RFC that explains reverse DNS best practices (RFC 2317) as they will sometimes claim that “reverse DNS can’t have NS records” (which is incorrect).
To: prov-dns@att.com, dnsrequests@att.com, RM-dnschanges@att.com
Subject: Reverse DNS
Body:
Account Information:
Billing number: The number listed on your bill or listed above your name on the website. Name: The full name of the primary account holder. Account Type: This is either “Residential Fiber” or “Residential Uverse 5G” (or “Business Fiber”). Address: The address where you have ATT internet. Phone number: This should be the number on your account, but if they can’t call you at that number, then just use whatever number you wish. Email: This should be the email listed on the account. If that email is different from the one you’re sending the email from, make sure you include a note right below noting which email they should reply to.
IP addresses and CDIR range:
CDIR: The subnet block you’ve been assigned. Make sure it’s a valid subnet, as ATT often gives you a x.x.x.x/29 block but only routes 5 addresses. This means that if your starting IP is x.x.x191*, your CDIR is either x.x.x190/29 or x.x.x192/29.
Addresses: List all the addresses that are actually usable within your subnet. e.g.:
- x.x.x.191
- x.x.x.192
- x.x.x.193
- x.x.x.194
- x.x.x.195
Requested records:
Please create name server (NS) records for the addresses listed above that point to:
Target DNS configuration:
Here you want to spell out your requested zone. I, personally, did it in the official zone syntax (TTL and all), which I think confused them, so here you might just want to say something like:
191.x.x.x.in-addr.arpa should have one NS record with the value ns1.example.com and a second NS record with the value ns2.example.com. 192.x.x.x… etc.
Tymanthius@reddit
Thanks.
but also, why reverse dns to a home account?
nefarious_bumpps@reddit
Primarily, for mail servers that want to send SMTP directly to recipients, instead of routing through a relay service. But it's also useful for network management so you can get the actual server name instead of a generic pool-123-456-789.location.att.net hostname for an IP address. It might also be needed if you're running Active Directory, but it's been so long since I ran on-prem AD I don't remember.
annie_444@reddit (OP)
It’s hilarious because ATT is one of the very few companies that still label all email domains without reverse DNS as spam. So I had to use my Gmail account to do all of this. (Most email servers use the DKIM records and domain keys instead.)
tankerkiller125real@reddit
Reverse DNS is still very important in emailing, it's used as one of the core metrics for spam detection, DKIM, DMARC, and SPF are still used for email check and validation, RDNS is used for spam detection though. Depending on the exact provider it can be a slight negative impact, to massive negative impact, just like using a Home IP range can be a slight negative impact, or a major one depending on the provider receiving the email.
nefarious_bumpps@reddit
DKIM doesn't prove the sender isn't sending SPAM, just that the server is signing email with the key specified in it's domain's DNS record. Most corporations and email providers will flag any mail from a server with an IP in the range of a residential ISP with a higher spam score. The PTR is fairly useless because so many businesses outsource email to Microsoft and Google that the sending domain and server's domain rarely match.
tankerkiller125real@reddit
The vast majority of mail servers now will detect the Home IP range and either reduce trust (sometimes significantly) or just straight up send to spam or block emails from home IP ranges. It's really not worth it at this point to host from home, an OVH VPS is cheap, easy, and doesn't have the same issue.
MarioV2@reddit
Cant you just setup a dns server and reverse proxy to get the domain name you want. Ie you can access home.lab at the address simce you registered the IP to resolve to that.
annie_444@reddit (OP)
I already have that setup, but I want to manage PTR records for a mail server.
a60v@reddit
Why wouldn't you want this? Some FTP sites, for example, reject connections from devices without valid PTR records. Plus, mail service (as noted below) and other services work best with proper PTR records.
Tymanthius@reddit
For a home connection? Meh. If you're really running a business from home, pay for the business level SLA and service.
netboy34@reddit
Unfortunately ATT business fiber is the same as residential just more expensive with the same SLA as residential.
imnotonreddit2025@reddit
Also AT&T Fiber Residential will sell you 5 usable static IPs for $20/mo.
xXFl1ppyXx@reddit
I firmly believe this isn't an ATT Problem. I've had my fair share of trying to get this to work for customers with multiple ISPs
If I ever needed to give props to T-Online it's specifically that you can set those records yourself in their customer Webportal. This is a godsend
annie_444@reddit (OP)
Yeah the “DNS department” (which I can’t believe is an actual department) was very confused about my request to set NS records. But I just want to be able to manage the records myself and never have to deal with this headache again.
AuroraFireflash@reddit
That's because you don't do that for PTR records and they're not going to hand you that control for PTR records.
hosalabad@reddit
it's always been a hassle to get ATT to delegate reverse lookup zones for enterprise, I can't imagine trying it on residential.
MikeS11@reddit
I’m glad you got your PTR problem solved. I’m going to risk looking like one of those people on the internet, hopefully I can try to be educational.
It’s CIDR, not CDIR. classless inter-domain routing.
The /29 notation means that 29 of the 32 bits in the subnet mask are 1’s. Written in dotted-decimal, that would be 255.255.255.248.
A /29 network has 8 IP addresses. The first is the network address. The last is the broadcast address. This leaves 6 assignable or “host” addresses. I’m guessing they use 1 for your router, leaving you with 5 to use.
x.x.x.190/29 is not a valid network address. It is a valid host IP address, which would be part of the x.x.x.184/29 network (assuming the adjacent network is a /29).
x.x.x.192/29 is a valid network address, but your 191 wouldn’t be found within that network.
annie_444@reddit (OP)
Thank you! My autocorrect was telling me it was wrong but I figured it was just because it’s jargon. However, I wrote this on break at work so I didn’t have time to spell check.
annie_444@reddit (OP)
I think I fixed it…
RCTID1975@reddit
I'm surprised they even set this up for you and didn't tell you to buy a business account.
I wouldn't bank on this working forever and would expect to wake up one day and it not work.
annie_444@reddit (OP)
I doubt it’ll break. It’s ATT after all. Also I am apart of the consortium that they get their static blocks from, and breaking my DNS to charge me for a reverse zone is against their rules.
Tymanthius@reddit
It's ATT. That can happen even w/ an SMB account.
HappyDadOfFourJesus@reddit
I would love to see the Comcast version of your guide, since we have clients who have been on Microsoft 365 for years but their office IP address still shows "mail.domain.com" in reverse DNS.
TheOnlyKirb@reddit
I was trying to do this with my IPv4 block (fiber) and gave up after spending hours, and getting nothing but nonsense from support.
Thank you for this post. Genuinely. I appreciate you spending your time and then sharing the results
sembee2@reddit
Your mistake was using the words "reverse DNS". The tech just hears DNS and ignores the rest.
I have the most success using "PTR". That doesn't sound like anything else and usually results in the correct information being relayed to me.
jamesaepp@reddit
"Okay sir please revert back the DNS and do the needful."