What is a FCrDNS check?

A forward-confirmed reverse DNS check (https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS) is an increasingly common anti-spam measure on mailservers, which checks the sending IP of an email to see if the hostname returned has a DNS record matching that same IP address.

For example, if an email reaching a mailserver were to have a sending IP of 127.0.0.1, the server will perform a host lookup on that IP. If the hostname returned is 'server.example.com' the mailserver will then check the DNS record for 'server.example.com'.

Now, say the DNS record for 'server.example.com' does not exist or returns a different IP of 127.2.2.2. If this is the case, since the message claims to be from 'server.example.com' but 'server.example.com' does not resolve to that sending IP address of 127.0.0.1, there is a strong possibility that the message may be forging the sending host, and the mailserver will reject that message. If, however, the 'server.example.com' record points back to that 127.0.0.1 address that it was sent from, the FCrDNS check passes, and the message will move on to the next checks, and/or complete delivery.

The purpose of a FCrDNS check is to cut down on the amount of incoming spam that is processed by the mailserver. Since this check typically happens as soon as a connection is made, before any other header information is sent, a server can reject suspicious messages more efficiently, since it would not be wasting resources processing that header information from suspect senders.

Because spammers often forge information in headers to make it seem like they're coming from other hosts, or perhaps send messages via malicious scripts injected into unrelated websites, the messages will often fail the FCrDNS check. Legitimate senders, however, should typically have these records setup correctly, and may likely never notice that the check is occuring.

Please refer to the following RFC Standards documentation for relevant information on the standard DNS configuration / common server connection errors:

https://tools.ietf.org/html/rfc1912#section-2.1
https://tools.ietf.org/html/rfc7601#section-3

 

  • 5 Utenti hanno trovato utile questa risposta
Hai trovato utile questa risposta?

Articoli Correlati

What is the catchall account?

The "catchall" email account is where all incoming email sent to your domain which isn't...

How to enable Apache SpamAssassin in cPanel?

Apache SpamAssassin is a mail filter that identifies spam. It is an intelligent email filter that...

How to forward email to Gmail, Yahoo or other e-mail service providers?

Email Account Forwarders:Step 1: Login to your cPanel account.Step 2: In the "Email" Section of...

How do I synchronize my IMAP folders?

To synchronize the IMAP folders, you will need to set your email program's 'IMAP Path Prefix' or...

Why is someone is receiving a rejection / bounceback when sending email to me?

There are a wide variety of reasons why a sender might receive a rejection notice when sending an...