Although the Domain Name System (DNS) typically stores IP addresses or hostnames, TXT records also allow the delivery of arbitrary character strings.
One or more character strings in a TXT record can each contain up to 255 characters and are delimited by double quotation marks.¹
1 - Structure
1.1 - Double quotation marks
The character string of a TXT record must be enclosed in double quotation marks.
Some providers do this automatically; no manual entry is necessary in the DNS manager. In internex's Domain Manager Pro, the double quotation marks " must be placed before and after the text; saving is not possible without them.
Below is an example of a TXT record with double quotation marks:
subdomain.domain.tld. 300 IN TXT "this text is in double quotation marks"
1.2 - Length restrictions
Strings in a TXT entry can contain up to 255 characters. If you want to save a longer string, it must be split into two (or more) text strings with a space, and each block must be enclosed in double quotes.
Example of an entry with 255+ characters:
subdomain.domain.tld. 3600 IN TXT "String 1" "String 2"
The length limit is especially relevant for long DKIM keys. Therefore, if you want to save a DKIM key with 2,048 bits (or more) as a TXT record, you cannot insert it as a single text string into an entry with a maximum of 255 characters.
In this case, follow these steps:
Separate the string into multiple parts, each with a maximum of 255 characters, using spaces at any point.
Enclose each substring in double quotes.
Now insert this string into the "TXT Value" field.
1.3 - Permitted Characters
All printable ASCII characters (codes 33 to 126) are generally permitted in TXT records. However, some characters have been disabled in Domain Manager Pro for security reasons. Domain Manager Pro displays an error if they are not permitted.
Spaces can be used, but their relevance depends on the application. Umlauts are not permitted in TXT records.
1.4 - Multiple TXT Records per Domain/Subdomain
It is permitted to create multiple TXT records for the same domain.
However, some systems (e.g., SPF) only require one valid entry; multiple SPF entries can cause problems. Note: For SPF, always combine everything into a single TXT entry instead of creating multiple SPF records.
1.5 - Case Sensitivity
TXT values are generally case-sensitive.
Example: With DKIM, the public key must be entered exactly in the correct spelling.
2 - Examples
TXT records have a wide range of uses. Below are some examples:
SPF (Sender Policy Framework): An SPF is used to store IP addresses or hostnames that are authorized to send mail.²
An SPF is structured as a TXT record, for example, as follows:
domain.tld. 300 IN TXT "v=spf1 include:xserv9999.hybridserver.at -all"
DKIM (DomainKeys Identified Mail): A DKIM is used to verify an email using cryptographic keys. The private key is stored on the mail server and adds a digital signature to outgoing emails. The public key is stored as a TXT record in the domain's DNS zone.³
A DKIM is structured as a TXT record, for example, as follows:
default._domainkey.domain.tld. 300 IN TXT "v=DKIM1;p=WUHZBDufizgeuzfgeszfgsfzegfgzuefgzusegfg37rgfz3gfhg3fiuh8guhz2gfruzghkgfhbfzf8f8fuzhhiuhh9hc9uhchcjckghhcg1gkhkhchkjchkyhhylvjkhkjvhruiowivhjllsjdhfuivweh=="
DMARC (Domain-based Message Authentication, Reporting and Conformance): DMARC builds on SPF and DKIM by specifying how the receiving mail server should authenticate emails and how to proceed in the event of an error.⁴
A DMARC TXT record is structured, for example, as follows:
_dmarc.domain.tld. 300 IN TXT "v=DMARC1;p=none;rua=mailto:[email protected]"
Verification records: To verify to certain providers that the domain truly belongs to you and that you have control over it, it is sometimes necessary to create TXT records with a verification code.
The following is an example of a verification TXT record:
internex-verify.domain.tld. 300 IN TXT "internex-fihu3jofo4n89foixjvjidjvi0skjivjs0"
Sources: