What is a TXT record used for?

TXT records are used for email authentication (SPF specifies authorized mail servers, DKIM provides cryptographic signatures, DMARC sets authentication policy), domain verification (proving ownership to services like Google and Microsoft), and storing security policies.

How long can a TXT record be?

A single TXT string is limited to 255 characters, but longer values can be split across multiple strings that DNS servers automatically concatenate. The practical total record size limit is around 4096 bytes with EDNS.

Can I have multiple TXT records?

Yes, a domain can have multiple TXT records at the same name. This is common and valid - many domains have separate TXT records for SPF, site verification, and other purposes.

TXT Record Versatile

Q: What is a TXT record?

A TXT record (Text record) stores arbitrary text data associated with a domain. It's commonly used for email authentication (SPF, DKIM, DMARC), domain verification, and storing machine-readable configuration data.

The TXT record (Text record) stores arbitrary text data associated with a domain name. Originally intended for human-readable notes, TXT records are now crucial for email authentication (SPF, DKIM, DMARC), domain verification, and various other machine-readable purposes.

Look Up TXT Records

Check TXT records for any domain using our free DNS lookup tool.

Look Up TXT Records →

What Is a TXT Record?

A TXT record allows domain owners to store text strings in their DNS. These strings can contain any information, but are most commonly used for:

Email authentication — SPF, DKIM, and DMARC records are stored as TXT records
Domain verification — Proving domain ownership to services like Google, Microsoft, etc.
Security policies — Storing security-related data and certificates
Metadata — Site verification codes, API keys, and other configuration data

TXT Record Format

A TXT record consists of these components:

Component	Description	Example
Name	The domain or subdomain	example.com
Type	Record type identifier	TXT
TTL	Time to live (cache duration in seconds)	3600
Value	Text string (up to 255 chars per string)	"v=spf1 include:_spf.google.com ~all"

Example TXT Record

example.com.    3600    IN    TXT    "v=spf1 include:_spf.google.com ~all"

This TXT record contains an SPF policy that authorizes Google's mail servers to send email for example.com.

Common TXT Record Uses

1. SPF Record (Email Sender Policy)

SPF records specify which mail servers can send email for your domain:

example.com.    3600    IN    TXT    "v=spf1 ip4:192.0.2.0/24 include:_spf.google.com -all"

2. DKIM Record (Email Signatures)

DKIM records contain public keys for email signature verification:

selector._domainkey.example.com.    3600    IN    TXT    "v=DKIM1; k=rsa; p=MIIBIjANBgkq..."

3. DMARC Record (Email Policy)

DMARC records define policy for handling email authentication failures:

_dmarc.example.com.    3600    IN    TXT    "v=DMARC1; p=reject; rua=mailto:[email protected]"

4. Domain Verification

Services require TXT records to verify domain ownership:

; Google Site Verification
example.com.    3600    IN    TXT    "google-site-verification=abc123xyz789..."

; Microsoft 365 Verification
example.com.    3600    IN    TXT    "MS=ms12345678"

; Facebook Domain Verification
example.com.    3600    IN    TXT    "facebook-domain-verification=abcdefg123456"

5. Security Policies

Various security-related information can be stored in TXT records:

; Security contact info (RFC 9116)
_security.example.com.    3600    IN    TXT    "security_contact=mailto:[email protected]"

; MTA-STS hints
_mta-sts.example.com.     3600    IN    TXT    "v=STSv1; id=20240101000000Z"

Multiple TXT Records

A domain can have multiple TXT records at the same name. This is common and valid:

example.com.    3600    IN    TXT    "v=spf1 include:_spf.google.com ~all"
example.com.    3600    IN    TXT    "google-site-verification=abc123..."
example.com.    3600    IN    TXT    "facebook-domain-verification=xyz789..."

Long TXT Records

A single TXT string is limited to 255 characters, but longer values can be split across multiple strings:

example.com.    3600    IN    TXT    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA" "1234567890abcdefghijklmnopqrstuvwxyz..."

DNS servers automatically concatenate these strings when the record is queried.

TXT Record Best Practices

Keep records organized — Document what each TXT record is for, especially verification codes.
Remove obsolete records — Delete verification records for services you no longer use.
Use appropriate TTLs — Email authentication records (SPF/DKIM/DMARC) benefit from longer TTLs (3600+).
Test before production — Verify SPF/DKIM/DMARC records with online validators before enforcement.
Don't exceed limits — Keep total TXT record data reasonable; excessive records can cause DNS issues.
Quote strings properly — TXT values should be enclosed in double quotes.

TXT Record Limits

Limit	Value	Notes
Single string length	255 characters	Split longer values into multiple strings
Total record size	~65,535 bytes	Practical limit is much lower
UDP response size	512 bytes (traditional)	EDNS extends this to ~4096 bytes
SPF DNS lookups	10 lookups	SPF-specific limit per RFC 7208

Reading TXT Records

You can look up TXT records using various command-line tools:

# Using dig
dig example.com TXT

# Using nslookup
nslookup -type=TXT example.com

# Using host
host -t TXT example.com

Troubleshooting TXT Records

Common issues and solutions:

SPF "too many DNS lookups" — SPF is limited to 10 DNS lookups. Flatten your SPF record or use fewer includes.
DKIM verification failing — Check the selector name and ensure the public key is correctly formatted.
Verification not working — Ensure the exact verification string is used, including any prefixes.
Record not appearing — DNS propagation can take time. Wait for TTL expiration and check with different resolvers.
Truncated records — Long TXT records may need to be split across multiple strings.

Check Your TXT Records

Use our DNS Record Finder to look up TXT records for any domain.