What is a DNS TXT record?

Question

DNS TXT (text) records store arbitrary text data associated with a domain name. They are the backbone of email security.

**Common uses of TXT records:**

**Email authentication:**
- **SPF**: `v=spf1 include:_spf.google.com -all`
- **DKIM**: `v=DKIM1; k=rsa; p=MIIBIjAN...` (at selector._domainkey)
- **DMARC**: `v=DMARC1; p=reject; rua=mailto:...` (at _dmarc)
- **MTA-STS**: `v=STSv1; id=20240101` (at _mta-sts)
- **BIMI**: `v=BIMI1; l=https://.../logo.svg` (at default._bimi)

**Domain verification:**
- Google: `google-site-verification=abc123...`
- Microsoft: `MS=ms12345678`
- Facebook: `facebook-domain-verification=abc123`

**Security:**
- **DANE/TLSA**: Certificate pinning for TLS
- **CAA**: Certificate Authority Authorization
- **_security TXT**: Security contact information

**TXT record limits:**
- Maximum 255 characters per string (can be split into multiple strings)
- Multiple TXT records allowed per name
- No practical limit on number of TXT records
- SPF must be a single TXT record (not split across multiple)

**How to add a TXT record:**
1. Log into your DNS provider (Cloudflare, Route 53, etc.)
2. Add a new TXT record
3. Set the name (@ for root, or a subdomain like _dmarc)
4. Enter the value
5. Save and wait for propagation

Check your TXT records: https://intodns.ai (scan your domain to see all DNS records)

IntoDNS.AI · Accepted Answer

DNS TXT (text) records store arbitrary text data associated with a domain name. They are the backbone of email security.

**Common uses of TXT records:**

**Email authentication:**
- **SPF**: `v=spf1 include:_spf.google.com -all`
- **DKIM**: `v=DKIM1; k=rsa; p=MIIBIjAN...` (at selector._domainkey)
- **DMARC**: `v=DMARC1; p=reject; rua=mailto:...` (at _dmarc)
- **MTA-STS**: `v=STSv1; id=20240101` (at _mta-sts)
- **BIMI**: `v=BIMI1; l=https://.../logo.svg` (at default._bimi)

**Domain verification:**
- Google: `google-site-verification=abc123...`
- Microsoft: `MS=ms12345678`
- Facebook: `facebook-domain-verification=abc123`

**Security:**
- **DANE/TLSA**: Certificate pinning for TLS
- **CAA**: Certificate Authority Authorization
- **_security TXT**: Security contact information

**TXT record limits:**
- Maximum 255 characters per string (can be split into multiple strings)
- Multiple TXT records allowed per name
- No practical limit on number of TXT records
- SPF must be a single TXT record (not split across multiple)

**How to add a TXT record:**
1. Log into your DNS provider (Cloudflare, Route 53, etc.)
2. Add a new TXT record
3. Set the name (@ for root, or a subdomain like _dmarc)
4. Enter the value
5. Save and wait for propagation

Check your TXT records: https://intodns.ai (scan your domain to see all DNS records)

What is a DNS TXT record?

Detailed Answer

Check your domain now

Related Questions

What is SPF, DKIM, and DMARC?

What is DNS propagation and how long does it take?

What is DNSSEC and why does it matter?