TXT
Text Record
TXT records store arbitrary text in DNS. They are the foundation for SPF, DKIM, DMARC, BIMI, and domain ownership verification.
Record Type
TXT
Category
Authentication (TXT)
Authentication (TXT)
RFC
RFC 1035 / RFC 7208 / RFC 6376 / RFC 7489
RFC 1035 / RFC 7208 / RFC 6376 / RFC 7489
Email Relevant
Yes
Yes
Format
TXT "arbitrary text string"
Example
TXT "v=spf1 include:_spf.google.com -all"
TTL Guidance
3600 s typical; use lower (300 s) when actively changing authentication records
3600 s typical; use lower (300 s) when actively changing authentication records
💬 What This Record Does
TXT records hold free-form text in DNS. They became the standard container for machine-readable policies once SPF needed somewhere to live, and everything else followed. SPF, DKIM, DMARC, BIMI, MTA-STS, and ownership proofs for Google, Microsoft, and SSL providers all sit in TXT records. A single domain can have many TXT records on the same name.
Common Uses
- Publishing an SPF record to authorise legitimate senders
- Publishing a DKIM public key at a selector subdomain
- Publishing a DMARC policy at _dmarc.example.com
- Domain ownership verification for Google Search Console, Microsoft 365, etc.
⚠️ Watch Out For
- A single TXT string is limited to 255 characters. Longer values must be split into multiple quoted strings (the resolver concatenates them).
- Multiple SPF TXT records on the same name cause a permerror — there must be exactly one.
- TXT record order is not guaranteed — policies that depend on order (there are none) are unreliable.