In this resource, we’ll cover the Text (TXT) record type. By the end, you’ll know what it is and how it works. You’ll also see several examples of what TXT record values look like.
TXT records are multi-purpose records. While most DNS records contain data only for machines, this record type can also include human-readable instructions. TXT records are commonly used to store contact details and general information about a domain. But they are also used for a “higher” purpose, such as email spam prevention, domain ownership verification, and framework (SPF) policies.
Did you know: Sender framework policy (SPF) records were deprecated in 2014 (see RFC7208 section 3.1)? While some providers still support SPF records, the preferred record for framework policies is the TXT record.
The TXT record was first introduced as an experimental record format in 1993. There are no specific formatting requirements for basic TXT records, but there are some restrictions. These records aren’t meant for large bytes of data. If the text value is longer than 255 characters, you’ll need to split the value into separate parts. Each section over 255 characters must be enclosed in double quotes (see example below).
Here’s a visual example of separating values over the 255 character limit for a TXT record in DNS Made Easy:
Name of record Record type Value TTL
Test TXT “example…example text” “example…example text” 1800
If you’re under the 255 character limit, this is what a basic TXT DNS record would look like:
Name of record Record type Value TTL
Test TXT Your text goes here 1800
There are several ways a TXT record acts as an email authenticator. When configured for this purpose, text records can establish that an email is coming from a trusted source. This is because it would include all servers authorized to send messages on behalf of a domain. TXT records can also hold public key information and store different policies, such as DMARC and framework policies.
A DomainKeys Identified Mail (DKIM) record is a modified TXT record. This type of TXT record hosts public keys attached to specific domains. These keys sign emails digitally. DKIM records also act as a security measure by ensuring emails aren’t tampered with during the delivery process.
Domain-based Message Authentication, Reporting, and Conformance (DMARC) records are another type of modified DNS TXT record. These records instruct servers on how to handle a message. For instance, you could specify a rule to either quarantine, reject, or allow delivery of a message. DMARC records can also be configured to send reports of actions taken by email servers.
Here’s an example of how creating a DMARC record would look like in DNS Made Easy:
You can also prove you control your domain with text records. In most cases, you’ll need the verification code from your domain registrar and admin access to the DNS zone of the domain. This type of TXT record configuration allows providers to query your server and verify ownership. Another way to verify ownership is by adding a TXT file with a verification string to the root directory of your web server.
Let’s take a look at how this would look in a record (verification string used here is just an example).
Name: blank or @ (depends on provider)
Record Type: TXT
The Internet Engineering Task Force (IETF) deprecated SPF records in 2014. Framework policies should now be configured as TXT records. These policies verify which IP addresses or hosts can send mail for a domain. Continuing to use SPF records can cause unexpected issues. If your domain is still using an SPF record, it’s recommended to have a TXT record with identical information, even if your provider still supports SPF.
Tip: DNS Made Easy still supports modifications of existing SPF records in your account, but new configurations must be in TXT record format.
To test or verify your TXT records, you can use a command line utility on Windows, Mac, or Linux. You can also perform a TXT record lookup with an online resource like Constellix’s DNS Lookup Tool. Each of these methods lets you check if changes have propagated. DNS lookups can also verify that records are being returned properly.
And there you have it! The TL;DR of TXT records is that they can include human and machine-readable information. This includes contact details for the domain’s administrator or other pertinent information. TXT record configurations can also be framework policies and domain ownership verifications. They can also be set up as DMARC and DKIM records to prevent email spam and spoofing. If your text value is longer than 255 characters, you’ll need to split the values using double quotes.
If you found this useful, why not share it? If there’s a topic you’d like to know more about, reach out and let us know. We can never talk about DNS enough!
If you liked this, you might find this helpful:
Stay up to date on the latest DNS Made Easy resources and news