What is a FCrDNS check?

A forward-confirmed reverse DNS check (https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS) is an increasingly common anti-spam measure on mailservers, which checks the sending IP of an email to see if the hostname returned has a DNS record matching that same IP address.

For example, if an email reaching a mailserver were to have a sending IP of 127.0.0.1, the server will perform a host lookup on that IP. If the hostname returned is 'server.example.com' the mailserver will then check the DNS record for 'server.example.com'.

Now, say the DNS record for 'server.example.com' does not exist or returns a different IP of 127.2.2.2. If this is the case, since the message claims to be from 'server.example.com' but 'server.example.com' does not resolve to that sending IP address of 127.0.0.1, there is a strong possibility that the message may be forging the sending host, and the mailserver will reject that message. If, however, the 'server.example.com' record points back to that 127.0.0.1 address that it was sent from, the FCrDNS check passes, and the message will move on to the next checks, and/or complete delivery.

The purpose of a FCrDNS check is to cut down on the amount of incoming spam that is processed by the mailserver. Since this check typically happens as soon as a connection is made, before any other header information is sent, a server can reject suspicious messages more efficiently, since it would not be wasting resources processing that header information from suspect senders.

Because spammers often forge information in headers to make it seem like they're coming from other hosts, or perhaps send messages via malicious scripts injected into unrelated websites, the messages will often fail the FCrDNS check. Legitimate senders, however, should typically have these records setup correctly, and may likely never notice that the check is occuring.

Please refer to the following RFC Standards documentation for relevant information on the standard DNS configuration / common server connection errors:

https://tools.ietf.org/html/rfc1912#section-2.1
https://tools.ietf.org/html/rfc7601#section-3

 

  • 5 أعضاء وجدوا هذه المقالة مفيدة
هل كانت المقالة مفيدة ؟

مقالات مشابهة

How to Create Account Level/Global Email Filter in cPanel to Fight Spam?

It's hard to completely stop spam e-mail but you can filter it, discard it, deliver it to...

How to enable Apache SpamAssassin in cPanel?

Apache SpamAssassin is a mail filter that identifies spam. It is an intelligent email filter that...

Spam Keywords and Phrases to Avoid in Email

#1 $$$ 100% Act now Action Additional income...

What is the catchall account?

The "catchall" email account is where all incoming email sent to your domain which isn't...

How is Inbound Email Filtered?

Server-LevelThe first level of filtering on inbound mail is server-level; this goes through basic...