What is a TXT record?
TXT records contain text information for sources outside of your domain. TXT records can be used by administrators to insert any arbitrary text data or notes for various services to read. A domain may have several TXT Records and you can put any text you want within a TXT Record.
You may have come across a web hosting provider or email service provider who asked you to add a random TXT record for your domain to verify your ownership of the domain name. Another common use of TXT records is to ensure email security through the use of SPF and DKIM record (a form of TXT record).
TXT record format
A typical TXT record looks like the following in standard BIND format:
An anatomy Of the CNAME Record$ORIGIN example.com. ; designates the start of this zone file in the namespace@ 3600 IN TXT "You can put any text" ; A TXT record for example.com.@ 3600 IN TXT "v=spf1 a:mail.example.com -all" ; An SPF record for example.com.mail._domainkey 3600 IN TXT "k=rsa; p=somekey" ; A DKIM public key record.
@ 3600 IN TXT "You can put any text"
looks like the below:
Host Label | TTL | Record Class | Record Type | TXT Data |
---|---|---|---|---|
example.com. | 3600 | IN | TXT | "You can put any text" |
It defines the hostname of a record and whether the hostname will be appended to the label. Fully qualified hostnames terminated by a period will not append the origin.
TTL
The time-to-live in seconds. It specifies how long a resolver is supposed to cache or remember the DNS query before the query expires and a new one needs to be done.
Record Class
Mainly 3 classes of DNS records exist:
- IN (Internet) – default and generally what internet uses.
- CH (Chaosnet) – used for querying DNS server versions.
- HS (Hesiod) – uses DNS functionality to provide access to databases of information that change infrequently.
The record format is defined using this field. Common record types are A, AAAA, CNAME, CAA, TXT etc. In the case of a TXT record, the record type is TXT.
TXT Data
Free form text of any type. It may contain any printable ASCII symbols but the maximum length is 255 characters only. You may have more than 255 characters of data in a TXT record, but not more than 255 characters in a single string. To get around this limitation, per RFC 4408 a TXT record is allowed to contain multiple strings, which should be concatenated together by the reading application.
SPF (Sender Policy Framework) record
A Sender Policy Framework (SPF) record tells the rest of the Internet which email servers are allowed to send emails for a domain. This helps reduce spam by letting the recipient's mail servers check an email's sending IP against the domain's SPF record. If the two do not match, the recipient's mail server has the option to reject the message or flag it as spam. You can use our SPF Generator tool to generate an SPF record for your domain name.
DKIM record
DKIM stands for Domain Keys Identified Email and it is a way of 'signing' emails to prove they are delivered by the organization that has the right to do so and prevents spammers from stealing the identity of legitimate entities.
DKIM uses a pair of public and private keys - the private key is known only to you and is stored on the sending mail server to create the signature. The public key is available to anyone and can be used to verify that the correct private key was used. What we are adding to the DKIM TXT record is the public key. Our DKIM Generator tool allows you to easily create a public and private key pair to be used for DomainKeys and DKIM signing.
The Text Data in a DKIM records looks like the below:
"k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDEw6ozU8mresid04BQoTT9GXBw8RAXx7X0xo4ZxN/lU5CNrj5RLmi7BV4WRF8A12sLdmOAAqwYtp0yQsZmeNxh6rUjKPQ9I9YYfOyHGaipQ4DpLz/Qh3l20kSWhKmT2CHgj14IzBQLYtzQxwxJGxcuPTjA/x/Ej7ZmKmS2QzLi1feNqLog4Su4N7/JlAkJkSPCMe/EPU90dgGbkCaaEn1ROBETARiqCoGUe9YMrAQT2AtewGq5Aw47Vi3pTLOZeOk2xpsFMV3SUk0tyPJ3jFONCztsjnAVQW3vVTjbfeBXOUxHgAX+98+hLxtLY8cycZYDkM63L+OB3limBgwIgQQIDAQAB"
The Name of the DKIM record is usually in the format of something._domainkey.example.com.
The something is called a selector and it is used to find DKIM public key information.
It is specified as an attribute for a DKIM signature and is recorded in the DKIM-Signature header field.
How to add a TXT record?
For instructions on how to add a TXT record with us, you may refer to the tutorial here.
TXT record glossary
ASCII
Acronym for American Standard Code for Information Interchange. It is a standard that assigns letters, numbers, and other characters in the 256 slots available in the 8-bit code. ASCII characters include the common characters from the Latin-based languages - A-Z alphabet, numbers (0-9) and hyphens (-) characters. Alphabets in Arabic, Hebrew, French, Cyrillic, and Chinese such as é, ë, ê, è would be non-ASCII characters.
BIND
Berkeley Internet Name Daemon - is the most commonly used DNS software on the Internet and Dynu observes BIND format.
Email Header
A section of an email detailing particular routing information of the email such as the sender, recipient, date and subject. Some headers such as the FROM, TO and DATE headers are mandatory.
Email Spoofing
Email spoofing is when the sender of an email forges (spoofs) the email header "From" address so the email being sent appears to have been sent from a legitimate email address that is not the spammer's own address.