How to Enter TXT Values in Google Cloud DNS?
by
Reading Time: 5 min
Google Cloud DNS is a valuable resource, however, its interface can make it complex to add Google TXT records. If you aren’t a pro with it, you might make mistakes and Google will strip all whitespace from your input. You may also encounter invalid record data errors that are difficult to manage if you aren’t careful.
That’s why we’ve brought this blog that explains how to enter TXT values in Google Cloud DNS. Keep reading till the end- we’ve also explained how to verify Google TXT records.
Key Takeaways
- Google Cloud DNS can be complex to navigate, especially when adding TXT records.
- TXT records are essential for domain ownership verification and email security protocols like SPF, DKIM, and DMARC.
- Following a step-by-step approach can help you effectively add and verify Google TXT records.
- It is important to verify TXT records to avoid errors and ensure proper functioning of your domain.
- Maintaining and updating TXT records can enhance email authentication and protect against phishing and spam attacks.
Introduction to Google Cloud DNS
Google Cloud DNS is an efficient global Domain Name System service that’s used for publishing domain names. It’s the second most popular cloud DNS in the top 1 million sites in the enterprise DNS category. You can store, manage, and view your IP addresses and other data. You can access both public and privately managed zones. Moreover, it creates internal DNS names for VMs automatically, even for non-users.
Google Cloud DNS forwarding zones configure target name servers for individual private zones to set outbound DNS forwarding from the VPC or Virtual Private Cloud network.
Simplify Security with PowerDMARC!
Importance of TXT values
Google TXT record allows you to enter text into the DNS. It was originally introduced as a zone where human-readable notes can be stored, but now you can also enter machine-readable notes. It’s more commonly used by Google and Gmail as a means of spam and phishing prevention and domain ownership verification.
You get a TXT Google record to be added to your domain settings when you start using a Google Cloud DNS account. When Google detects that you have successfully added the TXT record, it verifies your domain ownership.
It’s also used for securing emails to avert malicious activities attempted by hackers. This is done using:
- SPF records that highlight emails sent by unauthorized entities.
- DKIM protocol that uses encryption to protect email messages sent from your domain.
- DMARC authentication that instructs recipients’ mailboxes about how to handle emails checked by SPF and DKIM.
- BIMI process that helps you add a verified brand logo to emails authenticated with DMARC.
- MTA-STS that’s used to enhance security for SMTP connections when both sending and receiving servers use this standard.
Adding Google TXT record: Step-By-Step Instructions
Here are some prerequisites for adding Google TXT records:
- An active account with Managed Google Cloud.
- A properly configured DNS zone file.
- An email address.
Step-By-Step Instructions
- Login to your Google Cloud account.
- Click on Networking, go to Networking Services, and select Cloud DNS.
- You will be taken to the Google Cloud DNS configuration page where you can see the current zone record.
- Click on your zone name and you will come across a page showing detailed settings information for your zone.
- Click on Add Record Settings.
- Create your record using the reference from the table below:
Enter the information above into your Google Cloud DNS
| DNS Name | Enter- _validation-contactemail |
| Resource Record Type | Choose the right option from the drop-down list. |
| TXT Data | A properly functioning email address. |
- Select the Create button to save the entry. Your Google TXT record is created in your zone file.
- Post setup, it may take up to 12 hours to propagate the DNS information to the DNS server.
- Verify your Google TXT record using the steps mentioned below.
Verifying Google TXT records
Verifying Google TXT records ensures there is no error in it. You can do this using a DNS TXT record lookup tool that lets you query your DNS to review the record published on your domain. It reveals if there are any syntax or configuration errors in your records. You can easily remediate the errors to ensure your website runs properly. It helps you verify ownership of your domain and the email address linked to it. An error-free Google TXT record is important to implement SPF, DKIM, and DMARC protocols for enhanced email security.
Verifying it helps you set up DNS CNAME records and handle online contact forms, surveys, and other similar forms that involve heavy text inputs.
Updating and Maintaining TXT Records in Google Cloud DNS
You can update and maintain TXT values in Google Cloud DNS by creating and executing a transaction that specifies the operation you want to do. Transaction refers to a group of one or more record changes promulgating together.
Follow these steps to update Google TXT records:
- Log into your Google Cloud DNS dashboard.
- Select the domain where you have to update the TXT record. If you have chosen the card view, then click the manage button. If you have chosen the list view, click the gear icon on the right-hand side.
- Click DNS & Nameservers in the left-hand menu.
- Click on the DNS Record tab on the DNS & Nameserver page.
- You can add a new TXT record by clicking the blue + button.
- Or scroll to the bottom for TXT records and click on the 3 dots.
- Make your revisions and click on Update DNS.
The Role of TXT Values in Email Security: SPF, DKIM, and DMARC
TXT values are also play a key role in email authentication implementations. These values are used by external email servers to carry out SPF, DKIM, and DMARC authentications and understand the sender’s security instructions. SPF or Sender Policy Framework use these values to enlist all the IP addresses authorized to send emails using your domain. This helps recipients’ mailboxes know that the emails are coming from a trusted source which helps filter out spam and threat actors impersonating you or someone from your company.
DKIM uses a cryptographic authentication method to secure emails. It’s done by creating DKIKM public and private keys that are entered in the DNS record sometimes as TXT values.
TXT values in DMARC instruct recipients’ mailboxes about how to treat emails failing SPF and DKIM authentication checks. Based on the policy set the emails can be rejected, quarantined, or no action is taken at all.
Domain & Email Security Expert at PowerDMARC
Ahona is the Marketing Manager at PowerDMARC, with 5+ years of experience in writing about cybersecurity topics, specializing in domain and email security. Ahona holds a post-graduation degree in Journalism and Communications, solidifying her career in the security sector since 2019.
Latest posts by Ahona Rudra (see all)
- What Is Spam Email? Definition, Types & How to Stop It - July 11, 2025
- How to Tell if an Email Is Fake: Red Flags to Watch Out For - July 11, 2025
- Have I Been Pwned? Steps to Check, Fix, and Stay Safe - July 11, 2025
