Subnet Mask Cheat SheetRecords Cheat SheetGeoDNS ExplainedFree Network TroubleshooterKnowledge BasePricing CalculatorLive CDN PerformanceVideo Demos
BlogsNewsPress ReleasesIT NewsTutorials
Give us your email and we'll send you the good stuff.
Heather Oliver is a Technical Writer for Constellix and DNS Made Easy, subsidiaries of Tiggee LLC. She’s fascinated by technology and loves adding a little spark to complex topics. Want to connect? Find her on LinkedIn.
While there are lots of different DNS record types, only 10 are widely used—one of which is the Text (TXT) record. This resource covers what a TXT record type is, how it works, and it will also show you an example of what this record looks like.
As you may know, most DNS records contain data in “computer language.” The Text record (TXT), on the other hand, allows you to add both human and machine-readable instructions. This record type serves a variety of purposes, including email spam prevention, domain ownership verification, and framework policies, as well as providing point-of-contact and general information about the domain.
An experimental TXT record format was introduced by the Internet Engineering Task Force (IETF) in 1993, but there are no specific formatting requirements for TXT records. It is important to note that TXT records aren’t meant for large amounts of data. Also, if your value is longer than 255 characters, you’ll need to split the value into multiple parts, with each section over 255 characters enclosed in double quotes. Both values would then need to be added to your TXT record.
Here’s a visual example of separating values over the character limit (I sure wish this worked on Twitter, don’t you?!):
A TXT record acts as an email authenticator in several ways. For one, it establishes that an email comes from a trusted source as it includes all servers authorized to send messages on behalf of a domain. It can also be used to hold public key information and store different policies, such as Domain-based Message Authentication, Reporting & Conformance (DMARC) and, Sender Policy Framework (SPF)—which is a deprecated record, more on that later.
A Domain Keys Identified Mail (DKIM) record is a modified TXT record. This record type hosts public keys attached to specific domains and is used to digitally sign emails. DKIM records act as a security measure, in that they help ensure emails are unaltered during transit.
Domain-based Message Authentication, Reporting, and Conformance (DMARC) records are another type of DNS TXT record. The purpose of a DMARC record is to alert servers to either quarantine, reject, or allow a message to be delivered. It is also used to send reports to specified email addresses.
Here’s an example of how creating a DMARC record would look like in Constellix:
This is an example of what you may receive from your mail provider once you’ve created your DMARC record:
When you upload or edit your TXT record to include pertinent details about your domain, you can prove you control the domain. This way, providers are able to validate ownership. With a TXT record configured for domain ownership verification, the provider requiring verification would be able to query your server and receive ownership confirmation. Alternatively, you can add a TXT file that includes a verification string to the root directory of your web server.
As pointed out earlier, SPF records have been deprecated. These record types are used to verify which IP addresses or fully qualified domain names (FQDNs) are allowed to send mail for a specified domain. While some providers still support them, TXT records are favored, and it’s recommended that you use them in place of SPF records. Since an SPF record is also a type of TXT record and the information within can also be stored in a TXT record, SPFs are redundant.
Tip: Constellix still supports modifications and deletions of SPF records currently in your account, but new or additional configurations must be in TXT record format.
You can use a DNS Lookup tool to test that changes to your TXT records have been propagated and to verify that your domain’s DKIM record is being returned properly. Some helpful lookup tools are:
DNS Tool Box by Constellix
And that’s a wrap on TXT records! The TL;DR of it is that they can include human and machine-readable information, can be used to verify domain ownership, help prevent email spam and spoofing, and can include any other details you feel are necessary for your domain. Just remember the character limit or to split your values, and you’ll be fine. Now, go configure.
If you liked this, you might find this helpful:
Sign up for news and offers from Constellix and DNS Made Easy