Key Takeaways
- DNS TXT records allow the storage of various types of information related to a domain in a readable format.
- These records play a vital role in preventing email spam and spoofing through mechanisms like DKIM, SPF, and DMARC.
- TXT records can be used for domain ownership verification by adding specific records requested by domain registrars.
- There are formatting guidelines for TXT records, especially when dealing with text values longer than 255 characters.
- Utilizing tools for TXT record lookup can simplify the process of retrieving and verifying your domain’s TXT records.
A DNS TXT record (short for text record) is a type of Domain Name System (DNS) record that lets domain owners store text-based information directly in their DNS. While originally designed for simple human-readable notes, TXT records are now widely used for critical functions such as domain verification, email security, and service configuration.
They play an important role in improving security and trust online, helping verify domain ownership, protect against email spoofing, and ensure services work as intended. For example, TXT records are commonly used to implement SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and other authentication methods that stop attackers from sending fake emails under your domain. They’re also essential for domain verification with services like Google Workspace, Microsoft 365, and many third-party apps.
What is a DNS TXT Record
DNS TXT records are text-based records that exist in the DNS zone files. These records are stored in TXT format, which stands for “text.” It’s easily readable by both humans and machines to retrieve information about the domain. TXT records are important for a couple of reasons:
➜ it stores information about any given domain name such as the email address of the webmaster, or even more specific data like the IP address of the web server.
➜ it allows for extra data to be stored with each domain name entry, which can be used by applications like web servers or mail servers to provide additional functionality when processing requests for resources on your domain. For instance, indicating whether or not the zone is a stub, forward only, or slave.
➜ TXT records store more information than just numbers. For instance, an email spam prevention service might use TXT records to help ensure that each of its users’ emails is being sent from a compliant list of IP addresses, using the same SPF policy as the rest of their infrastructure.
➜ A domain ownership verification service might use TXT records to verify that the DNS A records for each domain they own appear in a particular order and have a particular number of CNAMEs pointing back to them.
*Do you know? The SPF record was the preferred method for storing framework policy data. However, in 2014, the SPF record was deprecated and replaced with a new record type called TXT records. This was because it was easy to implement and maintain.
DNS TXT Record Example
TXT records are meant for short, simple text values. They have no strict formatting requirements, but there are some guidelines to follow.
For example, if you were writing a TXT record with a text value longer than 255 characters, you would have to split your value into separate parts and then add each part after the comma in the text field. In addition, each section of text longer than 255 characters must be enclosed in double quotes.
TXT Record format for 255+ characters:
Name of Record | Record Type | Value | TTL |
ABC | TXT | “sample text” “sample text” | 3600 |
TXT Record format for less than 255 characters:
Name of Record | Record Type | Value | TTL |
ABC | TXT | sample text | 3600 |
Simplify Security with PowerDMARC!
Common Uses of DNS TXT Records
TXT records are a useful feature of the DNS. These records can be applied in many different ways like:
Preventing Email Spam & Spoofing
One of the most important uses of DNS TXT records is strengthening email security. Cybercriminals often attempt to send fraudulent messages that appear to come from trusted domains, a tactic known as email spoofing. By publishing specific TXT records like SPF, DKIM, and DMARC, domain owners can authenticate outgoing mail, reduce the risk of spam, and protect both their brand and recipients from phishing attacks.
DKIM Records
A DKIM TXT record is an important step in verifying that email messages are legitimate. These records create a digital signature for each email message that indicates it was signed by a specific individual or organization. This signature is added to each email message as it goes through the system and allows recipients to verify that they have received an authentic email message from a specific sender.
Learn how to configure the protocol with our DKIM setup guide.
DMARC Records
The Domain-based Message Authentication, Reporting & Conformance (DMARC) records are an important type of DNS TXT records. They verify the authenticity of emails sent from a domain and use a set of rules that tell email servers what action to take when an email is received.
The DMARC TXT record contains information about the sender, sender domain, message subject, recipient domain (if applicable), and address validation policy. These determine if an email was sent from a trusted domain or not. If the rules say that an email should be rejected or allowed based on those criteria, it will be rejected or allowed accordingly.
Here’s an example of what a DMARC record might look like in your DNS TXT Records field:
Name | _dmarc.my-example-domain.com |
Value | v=DMARC1; p=quarantine rua=mailto: [email protected] |
TTL | 1800 |
DMARC records are usually in the TXT format and contain information about the domain’s policy on receiving emails from certain domains. It allows the user to define recipient policies for emails that arrive with forged headers or messages that have been altered in transit, which can be used by email clients to determine whether or not to allow delivery.
SPF Records
An SPF record in DNS is a DNS TXT record that tells email servers whether or not to accept messages from a given IP address. The SPF field contains a list of IP addresses and the associated SMTP servers for each IP address, and it allows email servers to check the validity of incoming mail messages from the domain owner before they are delivered to their intended recipients.
SPF records help prevent email spoofing by showing that the IP address of the server carrying out the request is authorized to send mail on behalf of a domain. This prevents anyone else from pretending to be the domain owner and sending out fraudulent messages in their name.
Domain Ownership Verification
The DNS TXT Record acts as a simple, yet powerful tool for verifying domain ownership.
A domain registrar will usually provide you with a verification code, which is an ASCII string that contains the text of your record. The code can be used to query your DNS server and verify that you are the registered owner of the domain.
However, if you want to make sure that your identity is confirmed, there are other ways to go about it. You can add a TXT record to your website’s root directory with a verification string for the domain registrar. This is another way for them to verify ownership of your domain.
Here’s an example of what a domain ownership verification might look like in your DNS TXT Records field:
Name: | blank or @ (depends on provider) |
Record Type: | TXT |
Value: | example-site-verification=35LhR11sr4Lg10vPT4CRT0921opo5dRbYq7TuWzBRYQh |
TTL: | 1800 |
How to Add a DNS TXT Record
Adding a DNS TXT record is a straightforward process, but the exact steps depend on where your domain’s DNS is managed. Whether you’re setting up email authentication, verifying your domain with a service, or configuring security policies, knowing how to add TXT records is an essential skill for domain administrators.
Accessing Your DNS Settings
To create or edit a TXT record, you’ll first need to access your domain’s DNS settings. These settings are usually managed through your domain registrar (like GoDaddy or Namecheap), your hosting provider, or a dedicated DNS management service such as Cloudflare or Google Domains. Keep in mind that only users with administrative access to the domain account can make DNS changes.
Adding the Record
The steps to add a TXT record vary by host, but they generally involve these generic instructions:
- Log into your domain-hosting account.
- Go to your domain’s DNS settings page, which may be called something like ‘Domain Name Management’ or ‘Name Server Settings’.
- Locate the TXT records form for your domain on this page.
- Create an entry of TXT records for the domain and each of its subdomains.
- Save your changes and wait. Expect the changes to take effect within a few minutes or up to 72 hours.
Propagation Time
After you add or update a DNS TXT record, the change won’t be visible everywhere immediately. This delay, known as DNS propagation, is the time it takes for updates to spread across global DNS servers. In many cases, updates are recognized within minutes, but full propagation can take 24–48 hours. Factors that affect propagation include the TTL value you set, how quickly your provider updates its servers, and caching behavior from different internet service providers.
How to Check DNS TXT Records
The process for finding DNS TXT records is relatively simple. It can be done via the command line in operating systems, but it can also be performed through an online TXT Record Lookup Tool.
Command Line
Open a command line and run one of these commands (based on your OS).
✓ For Unix and Linux systems
$ dig TXT your-domain.com
✓ For Windows systems
c:\ > nslookup -type=TXT your-domain.com
The response will be displayed like this:
your-domain.com. 3600 IN TXT “logmein-verification-code=696afg6f-6700-40e4-96r5-561b462c9a26”
Online
The DNS TXT Record Lookup Tool enables you to lookup for a DNS TXT record by entering a domain name or IP address. The tool displays all the available records associated with the given domain name or IP address, including those that have been created recently. You can also perform a reverse lookup via the tool.
Need Help Creating TXT Records?
Have you ever had to create TXT records for email security?
We’ve all been there. You’re trying to make sure your email gets through to the inbox, but you’re not sure what to put in those TXT records that are supposed to help prevent spam from reaching the inbox in the first place.
Well, don’t worry—PowerDMARC has got your back!
We can create TXT Records for email security that will help your business stay compliant with email compliance tools like a DMARC analyzer.
This is especially important because it protects you against phishing attacks and malware. And when you’re fighting phishing attacks, every little bit helps—so let us help.
Frequently Asked Questions
What’s the difference between a DNS TXT record and a CNAME record?
A DNS TXT record stores text-based information, often used for email authentication, domain verification, and service configuration. A CNAME record (Canonical Name record), on the other hand, maps one domain name to another, allowing multiple domain names to point to the same resource. In short, TXT records provide information, while CNAME records handle redirection.
Can a domain have multiple DNS TXT records?
Yes. A domain can have multiple TXT records, and it’s common to see several in use. For example, a domain might have one TXT record for SPF, another for DKIM, one for DMARC, and additional ones for third-party service verification (like Google Workspace or Microsoft 365). DNS servers will process all valid TXT records for a domain.
Do TXT records affect website speed or performance?
No. TXT records do not impact your website’s speed, performance, or SEO. They are only used when a DNS lookup specifically requests TXT data—such as during email authentication or domain verification. Your website will load normally regardless of how many TXT records you have.
- Top 12 Email Phishing Indicators That Expose Scams - October 2, 2025
- SPF Record Syntax: Components, Rules, and Examples - October 2, 2025
- How to Secure Your Email Server: 15 Essential Steps - October 2, 2025