Forward Confirmed reverse DNS

FCrDNS, or Forward Confirmed Reverse DNS, is when an IP address has both forward (name -> IP) and reverse (IP -> name) DNS entries that match each other. The process is outlined in RFC 1912, especially section 2.1. First a reverse DNS lookup is done to get a list of PTR records (usually there is only one, but there can be more than one). For each domain name mentioned in the PTR records, a regular DNS lookup is done to see if any of the A or AAAA records match the original IP address. If there is a forward DNS lookup that confirms one of the names given by the reverse DNS lookup, then the FCrDNS check passes.
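The check described above, implemented in Python as an added example (not part of the original article). The function names, the injectable lookup callables, and the sample records in documentation address ranges are assumptions made for illustration; by default the system resolver is used.

```python
import ipaddress
import socket

def system_ptr(ip):
    """Reverse lookup through the system resolver: PTR name plus aliases."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def system_forward(name):
    """Forward lookup through the system resolver: every A/AAAA address."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def fcrdns(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return the PTR names that resolve back to ip (empty list = check fails)."""
    target = ipaddress.ip_address(ip)
    confirmed = []
    for name in ptr_lookup(ip):
        for addr in forward_lookup(name):
            try:
                # Compare parsed addresses so IPv6 spelling differences do not
                # matter; a trailing "%zone" from the resolver is dropped first.
                if ipaddress.ip_address(addr.split("%")[0]) == target:
                    confirmed.append(name.rstrip(".").lower())
                    break
            except ValueError:
                continue  # resolver returned something that is not an address
    return confirmed

# Constructed sample records (documentation ranges, not real hosts).
PTR = {
    "192.0.2.10": ["mail.example.org."],
    "192.0.2.66": ["mail.example.org."],    # PTR claims a name it does not own
    "192.0.2.77": ["host77.example.net."],  # PTR exists, no forward record
    "2001:db8::25": ["old.example.org.", "mx.example.org."],  # two PTR names
}
FWD = {
    "mail.example.org.": ["192.0.2.10"],
    "old.example.org.": ["192.0.2.99"],
    "mx.example.org.": ["2001:0db8:0000:0000:0000:0000:0000:0025"],
}

def check_sample(ip):
    """Run the check against the constructed records instead of live DNS."""
    return fcrdns(ip, lambda i: PTR.get(i, []), lambda n: FWD.get(n, []))
```

Calling `fcrdns("192.0.2.10")` without the two lookup arguments performs the same check against live DNS.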

An FCrDNS verification can create a weak form of authentication that there is a valid relationship between the owner of a domain name and the owner of the network that has been given an IP address. While weak, this authentication is strong enough that it can be used for whitelisting purposes, because spammers and phishers cannot usually bypass this verification when they use zombie computers to forge the domains.

An FCrDNS verification can also establish that the network owner and the domain owner both have at least a very basic understanding of the RFCs and can correctly configure things. That is, they have followed the instructions in RFC 1033 on "Adding a host". There is a statistical correlation between machines that send spam and machines that fail FCrDNS checks, but correlation does not imply causation, and many network owners simply cannot configure the rDNS because their upstream providers either can't or won't delegate the rDNS.

Uses

* Most e-mail mail transfer agents (server software) perform an FCrDNS verification and, if there is a valid domain name, put it into the "Received:" trace header field.
* Some e-mail mail transfer agents will perform FCrDNS verification on the domain name given on the SMTP HELO and EHLO commands. This can violate RFC 2821 and so e-mail is usually not rejected by default.
* The Sender Policy Framework e-mail anti-forgery system uses an FCrDNS check in its "ptr:" mechanism.
* Some e-mail spam filters will use FCrDNS checks to try to detect forged domain names or for whitelisting purposes. [http://tools.ietf.org/html/draft-kucherawy-sender-auth-header]
* SpamCop uses the FCrDNS check, which sometimes causes problems for SpamCop users who are also customers of internet service providers who do not provide properly matching DNS and rDNS records for their mail servers. [http://forum.spamcop.net/forums/index.php?act=findpost&pid=36027] [http://forum.spamcop.net/forums/index.php?act=findpost&pid=41615]
* Some FTP, Telnet and TCP Wrapper servers will perform FCrDNS checks.

External links

* [http://tools.ietf.org/html/draft-ietf-dnsop-reverse-mapping-considerations Considerations for the use of DNS Reverse Mapping] (Internet draft)
* [http://ipadmin.junkemailfilter.com/rdns.php Forward Confirmed RDNS testing tool]


Wikimedia Foundation. 2010.
