TXT record
A TXT record (short for text record) is a type of resource record in the Domain Name System (DNS) used to associate arbitrary text with a host or other name, such as human-readable information about a server, network, data center, or other accounting information.[1]
It is also often used in a more structured fashion to record small amounts of machine-readable data into the DNS.
Background
A domain may have multiple TXT records associated with it, provided the DNS server implementation supports this.[2] Each record can in turn have one or more character strings.[3] Traditionally these text fields were used for a variety of non-standardised uses, such as a full company or organisation name, or the address of a host.
In 1993 RFC 1464 proposed a simple approach to storing attributes and their values in these text fields. This is now used extensively in:
- Verification of domain ownership;[4][5]
- Implementation of Sender Policy Framework;[6]
- DomainKeys Identified Mail records for verifying the sender of email messages;[7]
- Zero-configuration networking DNS-based service discovery;[8][9]
- DMARC policies.
Format
As unstructured text, organisations can use the TXT string in any way they define, for example:
example.com. IN TXT "This domain name is reserved for use in documentation"
RFC 1464 defines a structured format that can be used to define attributes and their values in a single record,[2] as in these examples:
host.widgets.com. IN TXT "printer=lpr5"
sam.widgets.com. IN TXT "favorite drink=orange juice"
In practice, services using TXT records often do not follow this RFC, but instead have their own specific format.[10][11]
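The following is an added example, not code from RFC 1464 or from the original page. It splits TXT RDATA into the length-prefixed character strings mentioned under Background, rejecting a length octet that runs past the record, and parses each string with the RFC 1464 rules (first unquoted "=" delimits, a backquote quotes the next character in the name, names match case-insensitively). The function names and the sample RDATA are constructed for illustration, and treating each character string as its own attribute is an assumption.

```python
def split_txt_rdata(rdata: bytes) -> list[bytes]:
    """Split TXT RDATA (RFC 1035 sec. 3.3.14) into its character-strings.

    Each character-string is one length octet followed by that many bytes.
    """
    if not rdata:
        raise ValueError("TXT RDATA must hold at least one character-string")
    strings, pos = [], 0
    while pos < len(rdata):
        end = pos + 1 + rdata[pos]
        if end > len(rdata):  # declared length runs past the record
            raise ValueError(f"truncated character-string at offset {pos}")
        strings.append(rdata[pos + 1:end])
        pos = end
    return strings


def parse_rfc1464(text: str):
    """Return (name, value) per RFC 1464, or None without an unquoted '='."""
    name, i = [], 0  # name collects (char, was_quoted) pairs
    while i < len(text) and text[i] != "=":
        quoted = text[i] == "`" and i + 1 < len(text)
        if quoted:  # a backquote quotes the character that follows it
            i += 1
        name.append((text[i], quoted))
        i += 1
    if i == len(text):
        return None  # plain free-form text, not an attribute
    # Unquoted leading/trailing spaces and tabs in the name are ignored.
    while name and name[0] in ((" ", False), ("\t", False)):
        name.pop(0)
    while name and name[-1] in ((" ", False), ("\t", False)):
        name.pop()
    # Attribute names match case-insensitively; the value is taken verbatim.
    return "".join(c for c, _ in name).lower(), text[i + 1:]


if __name__ == "__main__":
    # Constructed RDATA: the page's "printer=lpr5" plus a second string.
    # Assumption: each character-string is handled as its own attribute.
    rdata = b"\x0cprinter=lpr5" + b"\x0ba`=a=enable"
    for raw in split_txt_rdata(rdata):
        print(parse_rfc1464(raw.decode("ascii")))
```

Run against an SPF string, the same parser yields a single attribute named "v" with the whole remaining policy as its value, which is why such services need their own format-specific parsers.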
Example usage
The character string from a TXT record used for SPF:
"v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.123 ip6:2620:0:860::/46 a -all"
An example of use for DMARC:
"v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:[email protected];"
Use for site verification:
"google-site-verification=6P08Ow5E-8Q0m6vQ7FMAqAYIDprkVV8fUf_7hZ4Qvc8"
Use for custom email service:
_amazonses.example.com. IN TXT "pmBGN/7MjnfhTKUZ06Enqq1PeGUaOkw8lGhcfwefcHU="
References
- Rich Rosenbaum (May 1993). RFC 1464 Using the Domain Name System To Store Arbitrary String Attributes. IETF. doi:10.17487/RFC1464. RFC 1464. Retrieved 2016-02-05.
- Rosenbaum, R. "Using the Domain Name System To Store Arbitrary String Attributes". Tools.ietf.org. Retrieved 14 October 2018.
- P. Mockapetris (November 1987). "TXT RDATA format". Domain names - implementation and specification. IETF. sec. 3.3.14. doi:10.17487/RFC1035. RFC 1035.
- "Verify your site ownership". Retrieved 18 December 2018.
- "Domain Verification". Facebook. Retrieved 18 December 2018.
- Scott Kitterman (April 2014). "DNS Resource Records". Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1. IETF. sec. 3.1. doi:10.17487/RFC7208. RFC 7208. Retrieved 2014-04-26.
- "About TXT records". Google Apps Administration. Retrieved 2014-08-17.
- S. Cheshire and M. Krochmal, Apple Inc. (February 2013). Multicast DNS. IETF. doi:10.17487/RFC6762. RFC 6762.
- S. Cheshire and M. Krochmal, Apple Inc. (February 2013). DNS-Based Service Discovery. IETF. doi:10.17487/RFC6763. RFC 6763.
- "DNS Record Verification". WebNots. Retrieved 21 December 2018.
- "Amazon SES Domain Verification TXT Records". Amazon. Retrieved 21 December 2018.