Corporate firewall rule for RCS on iOS

iOS 18 supports Rich Communication Services (RCS) for a richer messaging experience with other mobile platforms. On our corporate networks, we found that RCS messages were not being received by clients. Our network policies are “deny all, permit by exception”, so our security team dug in to fix it.

They found blocked connections to multiple carrier-related DNS names, all on TCP port 5223:

  • fp-us-att.rcs.telephony.goog
  • fp-us-carrier-spectrum.rcs.telephony.goog
  • fp-us-tmobile.rcs.telephony.goog
  • fp-us-verizon.rcs.telephony.goog
  • fp4-us-verizon.rcs.telephony.goog
  • fp-us-xfinity.rcs.telephony.goog

All of these DNS names resolve to a single IP address: 216.239.36.131

Adding a rule to our firewall for destination 216.239.36.131 on tcp/5223 allowed the messages to flow.
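Because the rule is pinned to an IP address rather than to the DNS names, it stops matching if those names ever resolve elsewhere. The following Python check is an added example, not part of the original post: it resolves each hostname listed above and reports any that the permitted address no longer covers. The function names and the injectable resolver are assumptions made for illustration.

```python
import socket

# Hostnames, address and port are the ones listed in the post.
RCS_HOSTS = [
    "fp-us-att.rcs.telephony.goog",
    "fp-us-carrier-spectrum.rcs.telephony.goog",
    "fp-us-tmobile.rcs.telephony.goog",
    "fp-us-verizon.rcs.telephony.goog",
    "fp4-us-verizon.rcs.telephony.goog",
    "fp-us-xfinity.rcs.telephony.goog",
]
ALLOWED_IPS = {"216.239.36.131"}
RCS_PORT = 5223


def system_resolver(host):
    """Resolve a hostname to its set of IPv4 addresses via the OS resolver."""
    infos = socket.getaddrinfo(host, RCS_PORT, socket.AF_INET, socket.SOCK_STREAM)
    return {info[4][0] for info in infos}


def audit_rule(hosts, allowed_ips, resolver=system_resolver):
    """Return {host: (status, uncovered_ips)}.

    status is 'covered' when every resolved address is in allowed_ips,
    'uncovered' when at least one is not, and 'unresolved' when the
    lookup fails or returns nothing.
    """
    allowed = set(allowed_ips)
    report = {}
    for host in hosts:
        try:
            ips = set(resolver(host))
        except OSError:  # socket.gaierror is a subclass of OSError
            ips = set()
        if not ips:
            report[host] = ("unresolved", set())
        elif ips <= allowed:
            report[host] = ("covered", set())
        else:
            report[host] = ("uncovered", ips - allowed)
    return report


if __name__ == "__main__":
    # Run from inside the corporate network so the same DNS view is used.
    for host, (status, extra) in audit_rule(RCS_HOSTS, ALLOWED_IPS).items():
        print(f"{status:10} {host} {' '.join(sorted(extra))}")
```

Run on a schedule, an `uncovered` result means the firewall exception needs a new destination before users notice missing messages.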

Your mileage may vary with different carriers in other countries.
