It is important to understand that DNS reverse mapping is just a convention, and that reverse mapping is entirely independent of forward mapping. There's nothing in the world that enforces that PTR records for your IP addresses refer to hosts that are actually under your control.
XXX: what's the English name of the gang of crooks who always want to steal Scrooge's money? What's the name of Scrooge's first gold coin?
Assume that there's a network service running on moneybin that lets you control all the alarms and doors etc of the Money Bin if you know the secret password ``GoldDollar''. As an additional protection, moneybin will refuse all connections that do not originate from Scrooge's workstation scrooge.mcduck.com,
We're in the information age, so the crooks have learned a thing or two about computer insecurity. They have their IP network 192.168.4.*, and a DNS server to which reverse mapping of this network has been delegated (i.e. every query for names in the 4.186.192.in-addr.arpa domain wind up at their DNS server). They have one computer named joe.crooks.net whose address is 192.168.4.4.
What they now do is create a PTR record in their DNS that associates 4.4.168.192.in-addr.arpa with the name scrooge.mcduck.com. Then they sit down in front of their computer joe and connect to the network service on moneybin. This service will first want to check whether the connection originates from Scrooge's workstation or not. It therefore obtains the client's IP address (192.168.4.4) and tries to obtain its host name through the DNS. The address is mapped to 4.4.168.192.in-addr.arpa, and the query for a PTR lookup winds up at the crooks' name server, which will return a record containing the domain name scrooge.mcduck.com. The network server on moneybin concludes that the connection is legitimate, and presents the password prompt. Tune in for next week's episode as the crooks wreck their heads trying to guess the right password, and Donald trips over a suspicious Ethernet cable...