Usage
TXT records point to plaintext. The value has to be quoted.
Example:
| Type | Name (use @ for root) | Value | TTL |
|---|---|---|---|
| TXT | @ | "hello world" |
|
| TXT | @ | "hello " "world" |
|
| TXT | _dmarc | "v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:holu@example.com;" |
|
| TXT | @ | "google-site-verification=6P08Ow5E-8Q0m6vQ7FMAqAYIDprkVV8fUf_7hZ4Qvc8" |
|
| TXT | @ | "v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.123 a -all" |
|
| TXT | _acme-challenge | "Q29ycmVjdF395JSFRTQ29ycmVjdF395JSFRTQ29ycmVjdF395JSFRT" |
Description
TXT records are a way for you to provide text information about your domain; TXT records may contain all sorts of information about name servers, other networking infrastructure, or even customer accounts. The text can be either machine or human readable. There are also a couple of different kinds of TXT records that administrators commonly use. Here are a few:
| Record | Description |
|---|---|
| Multiple strings | The value of TXT records can consist of multiple sub-strings. Each sub-string has a maximum length of 255 characters. |
| DKIM | DKIM stands for DomainKeys Identified Email. DKIM records are used in validating emails during the process of them being sent. DKIM works using public keys that are added into your DNS zone. Many big email providers will give you these keys for you to enter into your zone as a TXT record. |
| DMARC | DMARC stands for Domain-based Message Authentication Reporting and Conformance; administrators use these records to handle different kinds of malicious emails. The DMARC record makes it easier to identify spam, for example, and what to do with these emails when they are found (for example, reject them and send a report). |
| Site verification | These are often used to prove ownership for a domain. For example, Google often requires that you can prove ownership of your domain before you can use some of their services. Google will then provide a specific string of text for you to add to your domain zone via a TXT record. |
| SPF | Allows mail exchanges to know which hosts are authorized to send mail for a domain. For more information, see the docs entry on SPF. |
| DNS-01 challenge | Domain Validation (DV) for TLS/SSL certificates using DNS-01 challenge with Let's Encrypt |
Originally, TXT records were meant to be human-readable. However, standardized formating now makes it possible for some systems to machine read them, too. But the format may vary widely from one organization to another and depending on the TXT record's purpose.
TXT records sometimes show the domain, then IN TXT, and then the TXT value within quotation marks. It may also include a TTL (time to live).
In the TXT value, first you'll see the attribute, and then an = sign, and then the value for the attribute.
For example:
host.example.com. IN TXT "Hello World"