What is a FCrDNS check?

A forward-confirmed reverse DNS check (https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS) is an increasingly common anti-spam measure on mailservers, which checks the sending IP of an email to see if the hostname returned has a DNS record matching that same IP address.

For example, if an email reaching a mailserver were to have a sending IP of 127.0.0.1, the server will perform a host lookup on that IP. If the hostname returned is 'server.example.com' the mailserver will then check the DNS record for 'server.example.com'.

Now, say the DNS record for 'server.example.com' does not exist or returns a different IP of 127.2.2.2. If this is the case, since the message claims to be from 'server.example.com' but 'server.example.com' does not resolve to that sending IP address of 127.0.0.1, there is a strong possibility that the message may be forging the sending host, and the mailserver will reject that message. If, however, the 'server.example.com' record points back to that 127.0.0.1 address that it was sent from, the FCrDNS check passes, and the message will move on to the next checks, and/or complete delivery.

The purpose of a FCrDNS check is to cut down on the amount of incoming spam that is processed by the mailserver. Since this check typically happens as soon as a connection is made, before any other header information is sent, a server can reject suspicious messages more efficiently, since it would not be wasting resources processing that header information from suspect senders.

Because spammers often forge information in headers to make it seem like they're coming from other hosts, or perhaps send messages via malicious scripts injected into unrelated websites, the messages will often fail the FCrDNS check. Legitimate senders, however, should typically have these records setup correctly, and may likely never notice that the check is occuring.

Please refer to the following RFC Standards documentation for relevant information on the standard DNS configuration / common server connection errors:

https://tools.ietf.org/html/rfc1912#section-2.1
https://tools.ietf.org/html/rfc7601#section-3

 

  • 5 Users Found This Useful
這篇文章有幫助嗎?

相關文章

How to enable Apache SpamAssassin in cPanel?

Apache SpamAssassin is a mail filter that identifies spam. It is an intelligent email filter that...

What is the maximum size of email attachments?

While our email system currently supports a maximum message size of 50MB, this doesn't...

Should I use IMAP or POP?

Ultimately the choice between using IMAP or POP connections in your mail client would be a matter...

What is the catchall account?

The "catchall" email account is where all incoming email sent to your domain which isn't...

Spam Keywords and Phrases to Avoid in Email

#1 $$$ 100% Act now Action Additional income...