Home/Knowledge Hub/TXT Records: Simple Notes That Power Email and Verification
← Back to Knowledge Hub

TXT Records: Simple Notes That Power Email and Verification

DNS & Network·June 3, 2026·6 min read

TXT records store text-based data in your domain DNS, powering SPF, DKIM, DMARC, and site verification. Learn how they work and why they matter.

How TXT Records Work

You’re setting up something important—maybe email authentication for your company’s domain, or a verification code for Google Workspace. The instructions say “add a TXT record” to your domain. But what does that even mean? A TXT record is a flexible note you can attach to your domain in the Domain Name System (DNS). It’s essentially a public sticky note that anyone on the internet can read to check things like ownership or configuration. Unlike other DNS records that have rigid purposes (A records point to web servers, MX directs email), a TXT record lets you write freeform text. The internet community has agreed on how to use them for specific tasks—especially for email security and domain verification. Whether it’s proving you own your domain to Google, telling email receivers which servers can send your company’s emails, or setting up a DMARC policy, the message goes into a TXT record. Think of it as a universal message board entry that services can look up anytime they need to confirm something about your domain.

Real-World Analogy

Imagine a community bulletin board where each house has a mailbox and a small slot for a note card. Most neighbors use cards for specific things—one for forwarding mail, another for listing phone numbers. But there’s also a blank card where anyone can write whatever they want. The postal service doesn’t enforce a format, but everyone agrees to write certain notes there: “Only postal worker Bob can deliver from this house” (SPF), or “Make sure the package has this secret sticker” (DKIM). That blank card is your TXT record—simple, flexible, and surprisingly powerful.

Here’s the plain-English version: When you add a TXT record, you’re leaving a public note on your domain’s listing in the internet’s phonebook. Any service that needs to know something about your domain can look up that note. For example, when you claim your domain on Google Workspace, Google tells you to add a TXT record with a specific code. Google then checks your domain’s notes, finds the code, and confirms you’re the real owner. Email works the same way: your email provider says, “Check the TXT record for a note about authorized senders.” The receiving server reads that note and decides if the email is legit. No complex handshakes—just a publicly readable note doing its job quietly.

Technical Details
A TXT record has a name (or host) and a value. The name tells which part of the domain the note applies to. For the root (e.g., example.com), use or leave blank. For a subdomain like , type .
The value is the text string. For SPF: . For DKIM: (the public key). For DMARC: .
Multiple TXT records can exist on the same name, but duplicate records with the same purpose (like two SPF records) can cause conflicts. A domain can have one SPF record via a single TXT record.
A single TXT record can hold up to 255 characters per string. If you need more, you can split the value into multiple strings inside parentheses. Most email authentication values fit in one string.
TTL (Time to Live) controls how long other servers cache the record before checking back. Default is usually fine (3600 seconds).

Why It Matters for Your Business

When your TXT records are set up correctly, your business email reaches customers’ inboxes reliably. SPF and DKIM TXT records prove you’re the legitimate sender, so marketing campaigns don’t get flagged as spam, sales follow-ups land where they should, and support replies aren’t lost in junk folders. Domain verification for Google Workspace, Microsoft 365, or other cloud services works on the first try, saving you hours of back-and-forth.

On the flip side, missing or broken TXT records can silently cripple your communication. Emails might bounce or vanish into spam folders. Customers could receive convincing phishing emails that look like they came from your business, damaging trust. And you might not be able to complete simple verifications that your SaaS tools require. These aren’t IT problems—they’re business problems that affect revenue, reputation, and efficiency.

Marketing leaders, sales managers, and support heads: if your team relies on email, you have a stake in this. A quick TechSpy scan of your domain can reveal whether your TXT records are doing their job or leaving you exposed.

Common Issues and Warning Signs

Most TXT record troubles fall into a few familiar patterns. Maybe someone tried to set up email authentication but pasted the value slightly wrong. Maybe two records conflict with each other. Or maybe the record was never created at all. The business impact can be dramatic, but the symptoms are often subtle until you look.

Common Issues

Emails landing in spam or bouncing — Often means SPF or DKIM TXT records are missing, malformed, or duplicated.
“via” or “on behalf of” warnings in Gmail or Outlook — Indicates your domain lacks an SPF or DKIM record, so the receiving inbox can’t verify your sender identity.
Domain verification fails repeatedly — A slipped character or missing quote in the TXT value can cause services like Google Workspace to reject the verification attempt.
Phishing emails using your domain — No DMARC record (which lives in a TXT record) means there’s no policy telling receivers to reject fake messages. Your brand can be spoofed with zero resistance.
TechSpy scan flags “No TXT record found” or “SPF/DKIM/DMARC missing” — That’s your direct signal that a critical note is absent from your domain’s bulletin board.

How to Fix or Improve Your TXT Records

Fixing a TXT record is usually straightforward, whether you have direct access to your DNS settings or need to involve your IT person. The exact steps vary by provider, but the process is the same: add a new record of type TXT, fill in the name and value, and save.

A clean set of TXT records means your domain can speak clearly to email servers and verification tools. When something’s off, TechSpy highlights it in plain language—so you know exactly what to fix, even if you never touch DNS yourself.

<!-- self-check: layer1_readable=true | fix_doable=true | no_padding=true | jargon_expanded=true -->

1Log into your domain registrar or DNS hosting provider (GoDaddy, Cloudflare, Namecheap, AWS Route 53, etc.) and find the DNS management or zone editor section.
2Choose to add a new record and select TXT as the type.
3In the Name/Host field, enter the subdomain the record should apply to. For the root domain, use or leave it blank (check your provider’s instructions). For DKIM, use (your email provider gives you the selector). For DMARC, use .
4In the Value field, paste the exact text string you were given—do not add extra spaces or characters. For SPF, it starts with . For DKIM, . For DMARC, .
5Set TTL (if asked) to the default, often 3600 seconds (1 hour). Save the record.
6Wait a few minutes for the change to propagate, then run a fresh TechSpy scan to confirm everything is in order.

If someone else manages your DNS (an IT team, web agency, or hosting provider), forward them the exact TXT record name and value. A simple email with “Please add this TXT record to our domain” and the details is enough. You can even send them a link to the TechSpy scan report to show what’s missing.

See how your domain's configuration stacks up.

Get a free scan — no sign-up, no credit card.

Scan Your Domain Free →