TXT Record
DNSTXT Record is a DNS record type that stores human-readable text strings for a domain and makes them retrievable by DNS queries. It is widely used to publish verification tokens and email authentication policies such as SPF, DKIM, and DMARC. TXT records do not route traffic, but they help prove domain ownership and reduce spoofing and phishing risks.
How It Works
A TXT record is added to a domain's DNS zone as a name (host), a value (one or more text strings), and a TTL (how long resolvers cache it). When a service needs to verify your domain or check a policy, it performs a DNS lookup for the TXT record at a specific label, such as the root (example.com), a subdomain (app.example.com), or a special selector-based name (selector._domainkey.example.com for DKIM).
Although the value is "text," it is typically structured data with strict formatting. For example, SPF uses a version tag and mechanisms (v=spf1 ...), DKIM publishes a public key, and DMARC defines alignment and reporting rules under _dmarc.example.com. TXT records can be split into multiple quoted strings by DNS systems and reassembled by clients, so correct syntax and placement matter for successful validation.
Why It Matters for Web Hosting
When choosing a hosting plan or moving DNS, TXT record control is essential for email deliverability and for integrating third-party services. If your host bundles DNS management, you need an interface that supports adding multiple TXT records, editing long values (like DKIM keys), and setting records on the correct subdomain labels. Misconfigured TXT records can cause failed domain verification, broken email sending, or messages landing in spam.
Common Use Cases
- SPF policies to authorize sending mail servers for a domain
- DKIM public keys to sign outgoing email and prove message integrity
- DMARC policies and reporting addresses to reduce spoofing and improve deliverability
- Domain ownership verification for SSL/TLS issuance, CDN setup, or SaaS onboarding
- Site and service verification for analytics, search tools, and app integrations
- Custom security or configuration flags used by specific applications
TXT Record vs CNAME Record
A TXT record publishes data (policies, tokens, keys) at a name, while a CNAME record aliases one DNS name to another hostname. Use TXT when a service asks you to place a verification string or an email authentication policy. Use CNAME when you need a hostname to resolve by pointing it to another hostname (often for app endpoints). A single name generally cannot have both a CNAME and other record types, so providers sometimes offer alternative TXT-based verification to avoid conflicts.