What is a FCrDNS check?

A forward-confirmed reverse DNS check (https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS) is an increasingly common anti-spam measure on mailservers, which checks the sending IP of an email to see if the hostname returned has a DNS record matching that same IP address.

For example, if an email reaching a mailserver were to have a sending IP of 127.0.0.1, the server will perform a host lookup on that IP. If the hostname returned is 'server.example.com' the mailserver will then check the DNS record for 'server.example.com'.

Now, say the DNS record for 'server.example.com' does not exist or returns a different IP of 127.2.2.2. If this is the case, since the message claims to be from 'server.example.com' but 'server.example.com' does not resolve to that sending IP address of 127.0.0.1, there is a strong possibility that the message may be forging the sending host, and the mailserver will reject that message. If, however, the 'server.example.com' record points back to that 127.0.0.1 address that it was sent from, the FCrDNS check passes, and the message will move on to the next checks, and/or complete delivery.

The purpose of a FCrDNS check is to cut down on the amount of incoming spam that is processed by the mailserver. Since this check typically happens as soon as a connection is made, before any other header information is sent, a server can reject suspicious messages more efficiently, since it would not be wasting resources processing that header information from suspect senders.

Because spammers often forge information in headers to make it seem like they're coming from other hosts, or perhaps send messages via malicious scripts injected into unrelated websites, the messages will often fail the FCrDNS check. Legitimate senders, however, should typically have these records setup correctly, and may likely never notice that the check is occuring.

Please refer to the following RFC Standards documentation for relevant information on the standard DNS configuration / common server connection errors:

https://tools.ietf.org/html/rfc1912#section-2.1
https://tools.ietf.org/html/rfc7601#section-3

 

  • 5 Korisnici koji smatraju članak korisnim
Je li Vam ovaj odgovor pomogao?

Vezani članci

What is the catchall account?

The "catchall" email account is where all incoming email sent to your domain which isn't...

How do I access my email account using Webmail?

You can access your email account directly from Webmail. If you're not the administrator of the...

Should I use IMAP or POP?

Ultimately the choice between using IMAP or POP connections in your mail client would be a matter...

What is a Real-Time Blacklist (RBL)?

An RBL is a third-party listing of IP addresses which have been reported or detected to have...

Spam Keywords and Phrases to Avoid in Email

#1 $$$ 100% Act now Action Additional income...