Forward Confirmed Reverse DNS Lookup Testing (FCrDNS)

IP to look up:


Why Forward Confirmed rDNS is Important - FCrDNS helps prevent others from spoofing your hosts. If I'm the bad guy and I control the reverse lookup for my IP addresses I can put anything in there. I could pretend to be your bank and try to trick you into giving up your account information. However what I can't spoof is if you do a lookup on the fake name I return and it either doesn't resolve or resolves to a different IP address then you know it's not genuine. If it does resolve to the same IP address then you know it's good. This is because only the domain owner can make FCrDNS work correctly. This is a very important tool in detecting email phishing scams.

Here's how it's suppsed to work. Suppose your IP is 1.2.3.4:

1.2.3.4 --- PTR Record ---> hostname.example.com
hostname.example.com --- A Record ---> 1.2.3.4


The name that is returned by the rDNS lookup needs to point back to the same IP address.

Other Resources: