TXT Record
Free-text DNS record — used for SPF, DKIM, DMARC and domain verification tokens.
What is a TXT record
The TXT record is a DNS type that stores free-form text. It was originally designed for human-readable notes (e.g. «this domain belongs to company X»), but has evolved into the go-to storage location for machine-readable information.
Most common uses
- SPF —
v=spf1 include:_spf.google.com ~all - DKIM public keys — at
{selector}._domainkey.example.com - DMARC policy — at
_dmarc.example.com - MTA-STS signal — at
_mta-sts.example.com - BIMI records
- Domain verification (Google, Microsoft, Facebook, Apple) — a quick way to prove you control the domain
Example
example.com. IN TXT "v=spf1 include:_spf.google.com ~all"
example.com. IN TXT "google-site-verification=abcdef1234567890"
example.com. IN TXT "MS=ms12345678"A domain can have multiple TXT records simultaneously — just not multiple records of the same «category» (e.g. two SPF records are not allowed).
Size limits
Each TXT string has a limit of 255 characters. For larger values (2048-bit DKIM public keys), split the value into multiple strings:
selector1._domainkey.example.com. IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb..." "ABCdefgh1234..."The resolver automatically concatenates the strings in the response.
SPF flat / merge issue
Multiple SPF records (those starting with v=spf1) are not allowed. If you need
to authorize multiple sender groups, merge them into one SPF record:
example.com. IN TXT "v=spf1 include:_spf.google.com include:mailgun.org include:_spf.salesforce.com ~all"