How to Create a TXT Record and How to Add a TXT Record to DNS?

Among the types of DNS records available, TXT records are widely used among administrators. In this article, we’ll look into what a TXT record is and how you can create it. We’ll also show you its format and how to add a TXT record to DNS. Let’s get started!

What is a DNS TXT Record?

Most DNS records contain machine-readable language. But with a TXT record, an administrator can add both human- and machine-readable languages to the Domain Name System (DNS). 

While TXT records were originally intended to store human-readable notes, they’re often used for email security and domain verification purposes.

What Goes into a TXT Record?

A TXT RR is used to hold descriptive texts, which go into the value field of the TXT record. The text semantics depends on what the administrator wants to attach to the domain. More often than not, the DNS server restricts the size of a TXT record and the amount of text it can store. That’s why you can’t use a TXT record for an enormous amount of data. 

There are several use cases and reasons why you should add a TXT record to the DNS server of your domain. First, TXT records help to verify domain ownership. With a TXT record, the DNS provider requesting verification can query your server and confirm your ownership. 

Another reason to use TXT records is email security. Adding a TXT record can help prevent DNS spoofing and phishing by verifying whether an email is from an authorized domain name. 

Below is an example of a TXT record:

myserver.com record type: value: TTL
@ TXT This site is for project purposes!  3600

TXT Record Formatting

What does a TXT record look like? Well, the Internet Engineering Task Force (IETF) defines a globally acceptable format for storing variables within the value field of a TXT record. The TXT formatting consists of the attribute and value separated by an equal to, all enclosed in a quotation mark as seen below:

“attribute=value”

The below examples are included in the Request for Comment (RFC) 1464 document that defines this format:

host.widgets.com record type value
@ TXT “printer=lpr5”

 

sam.widgets.com record type value
@ TXT “Favorite drink=orange juice”

However, administrators don’t often adopt the above format as they can use their own unique formats to create TXT records. You can also define TXT records in a specific way for purposes like email authentication.

How to Lookup TXT DNS Records

Performing a TXT DNS record lookup is essential to know if the changes made to your TXT record have been published globally. In addition, it verifies whether your domain’s email sender policies (such as SPF or DMARC records) are returned correctly. 

TXT records are configured in the DNS servers, but how do you look up a TXT DNS record? There are two primary ways to do this: Online and locally. You can use online tools like our EasyDMARC DNS Checker to check various DNS records of your domain, including the following types:

Our EasyDMARC DNS Checker is incredibly easy to use. Input your domain name and server provider, then check the TXT box. After that, click the “Lookup Record” to check your TXT records. The results then display as per the below example:

1 pic

You can also look up your TXT records locally on your computer. However, the process depends on your operating system. 

Lookup TXT Records on Windows

Here’s how to look up TXT DNS records on your Windows computer:

  • Go to your command prompt.
  • Type nslookup -q=TXT myserver.com then hit “Enter.”
  • You’ll see the list of TXT records under the “Non Authoritative answer heading.

Lookup TXT Records on MacOS

If you have an Apple computer, look up your DNS TXT records by following these steps:

  • Go to your terminal.
  • Type dig myserver.com TXT, and hit “Enter.”
  • The TXT records are listed under the “Answer Section” heading.

How to Add a TXT Record to DNS

To add a TXT record to your DNS server, you need to identify your domain provider. If you don’t know your provider, use Who is to find out. 

  • Go to https://www.whois.com/.
  • Click on “WHOIS” and enter your domain name in the box.
  • Then click the “SEARCH” button.
  • In the results, locate the nameserver to get the domain provider.
  • Once you confirm your domain provider, follow the guide below to add your TXT record.  
  • Log in to your control panel.
  • Locate the section for updating your DNS records—it could be Managed DNS, Name Server Management,  DNS Management, or Advanced Settings.
  • On the page, click the TXT record option and add the text for your DNS using the format provided earlier. 
  • Save the settings and wait until they propagate. This can take a few minutes, up to 72 hours.

TXT Records and Email Authentication Protocols

Scammers are always out to spoof your domain name and send malicious emails to steal sensitive data. The TXT record is an integral part of email authentication protocols that helps servers validate whether a message is legitimate or not. 

A TXT record can hold public keys and different email security policies, such as Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting & Conformance (DMARC), and Domain Keys Identified Email (DKIM)

By configuring these DNS TXT records, server administrators can make it challenging for hackers to spoof an organization’s domain while monitoring malicious activities.

SPF

Configuring the SFT TXT record will list all the servers authorized to send messages on behalf of a domain.

DKIM

This authentication method gives each email a digital signature using public and private keys, which helps receivers confirm if the owner of the domain sent a message. The public key is stored in the TXT record of the domain.

DMARC

You can use the DMARC TXT record to reference the domain’s SPF and DKIM policies. The purpose of the DMARC record is to inform servers to allow, reject, or quarantine emails to be delivered.

Summary

This article has provided the essentials about TXT records. The DNS TXT record can contain a mix of human- and computer-readable language and offers several benefits, including domain ownership verification, DNS spoofing prevention, and email security. Additionally, you can include any information necessary for your domain. Now you can proceed to add a txt record to the DNS.

Weekly Email Security News Recap #2 [August 2022]

Weekly Email Security News Recap #2 [August 2022]

It takes as less as $25 to create customized hacking tools for compromising systems....

Read More
DDoS vs. DoS Attacks: What’s the Difference?

DDoS vs. DoS Attacks: What’s the Difference?

The internet has made life easier and more convenient. But just like everything, it...

Read More
What is a Cybersecurity Audit and  Why is it Important?

What is a Cybersecurity Audit and  Why is it Important?

If you run a data-driven business, you’ll need a cyber security audit at some...

Read More