All the DNS records we require for email setup are aliases. This means that you can use our platform to create and send emails, but the emails are 'from' you and not from Force24. The values all point to our network, which essentially greenlights us to send on your behalf.
Sending Domain
The Sending Domain (e.g. email.force24.co.uk) will point to track.c.data-crypt.com. This is an alias for 84.18.197.167 which is the IP for our mail sending server. The record also has a TXT value sat behind it which acts as a comprehensive SPF policy. This also allows us to keep the policy updated in one place rather than contacting every client and having them update their records every time we improve or amend the policy to keep up with new industry standards.
Assets
This is where anything loaded into the platform by the client is hosted. This is the client's 'assets'.
Notrack
If a contact chooses to not have anything tracked, the notrack record routes directly to the requested data (e.g. the webpage) without any actions being tracked (e.g. clicks, opens). This is separate to website cookies, which will still track activity if they are accepted. This is to ensure GDPR compliance.
Track
The track record now points to ssltrack.c.data-crypt.com which is an alias of 84.18.201.166. This is a hop link (the record itself doesn't load a page, but it loads and then 'hops' to the next page). It allows us to track click activity via CTAs in emails. The record ssltrack.c.data-crypt.com is fully HTTPS.
Bounce
This record is used to relay email bounce activity to the platform. The record alias for eu.sparkpostmail.com also has SPF policies behind it to allow us to validate reporting.
Key1._domainkey
The DKIM records point to dkim.c.data-crypt.com. This is an alias for a DKIM TXT record value. DKIMs are an email security standard designed to make sure messages aren’t altered in transit between the sending and recipient servers.
Our setup requires two DKIMs to be added, one to the subdomain and one to the top level domain. This is to ensure that the security measures are applied to both the regular sending domain and if a client uses the 'Mask From' feature (this makes emails look like they have been sent from a different sending address, and can allow for replies to be sent to a different address).
_dmarc
The dmarc record is added as a TXT record to control what happens if a message fails authentication. It’s also an email validation system designed to provide visibility into your email delivery, as well as recognize and stop email spoofing. These are an industry standard now and are moving to replace direct SPF validation.
The general online description of its purpose is:
"If a domain has not published a DMARC record, the recipient server makes its own determination if the message should be delivered. With phishing, malware threats, and a variety of other security concerns; the direct value of being able to tell recipient mail servers to quarantine or reject messages that fail DMARC has now become the gold standard for sending legitimate email by blocking fraudsters."
If you have any questions, feel free to reach out to us through the live chat function available bottom right in your Force24 Platform. Our team is ready to assist you and provide support whenever you need it!