Views:
Cloud Email Gateway Protection allows you to configure rules for reverse DNS validation based on the sender domain, namely the domain in the envelope address of the email sender.
For each rule, Cloud Email Gateway Protection supports two levels of reverse DNS validation:
  • Whether there is a PTR record for the email sending IP address
  • If a PTR record exists, whether the PTR record for the email sending IP address has a matching Address record (A record)
If the sender domain of an incoming message meets multiple rules, Cloud Email Gateway Protection uses the most matched rule. For example, if you have configured the following three rules:
  • Rule 1 for subdomain.example.com
  • Rule 2 for *.example.com
  • Rule 3 for *.subdomain.example.com
The match results for different incoming sender domains are as follows:
Incoming Sender Domain
Matched Rule
subdomain.example.com
Rule 1
a.example.com
Rule 2
a.subdomain.example.com
Rule 3
a.b.com
Default rule