TXT Record

A TXT record (short for text record) is a type of resource record in the Domain Name System (DNS) used to provide the ability to associate arbitrary text with a host or other name, such as human readable information about a server, network, data center, or other accounting information. It is also often used in a more structured fashion to record small amounts of machine-readable data into the DNS.


Background

A domain may have multiple TXT records associated with it, provided the DNS server implementation supports this. Each record can in turn have one or more character strings. Traditionally these text fields were used for a variety of non-standardised uses, such as a full company or organisation name, or the address of a host. In 1993 RFC 1464 proposed a simple approach to storing attributes and their values in these text fields. This is now used extensively in:

* Verification of domain ownership
* Implementation of Sender Policy Framework (SPF)
* DomainKeys Identified Mail (DKIM) records for verifying the sender of email messages
* Zero-configuration networking DNS-based service discovery
* Domain-based Message Authentication, Reporting and Conformance (DMARC) policies

Using TXT records to store data for different purposes is not without problems. The DNS protocol specifies that when a client queries for a specific record type (e.g., TXT) for a certain domain name (e.g., example.com), all records of that type must be returned in the same DNS message. That may lead to large transactions with lots of "unnecessary" information being transferred and/or uncertainty about which TXT record to use. There are two ways around this: to specify a domain name prefix to be used when using TXT records for a specific purpose (e.g., _domainkey.example.com – in the DKIM case) or to create a new record type entirely. The former is "easy" because it doesn't require any changes to the DNS. The latter is sometimes considered "cleaner" as it matches the design of the DNS database model better. In the past, creating new record types was often avoided since it was a complicated procedure in the IETF. The reluctance lingers with some people despite the process having been replaced by a much lighter and quicker one.


Format

The structure of the TXT record is specified in as follows. Note that the specification is silent on the subject of character encoding of the text string. It explicitly states that the interpretation of the string is context dependent, and that the data is treated as binary inside the DNS. Later specifications (e.g., – DNS used for service discovery) may require the use of specific encodings for specific purposes.

The RDATA section may contain multiple consecutive occurrences of (TXT Length + TXT). Data Length is the length of them all combined.

This is the hex returned as part of the DNS response from example.com when queried for TXT records.

0000 34 48 81 a0 00 01 00 02 00 00 00 01 07 65 78 61
0010 6d 70 6c 65 03 63 6f 6d 00 00 10 00 01 c0 0c 00
0020 10 00 01 00 00 54 5f 00 0c 0b 76 3d 73 70 66 31
0030 20 2d 61 6c 6c c0 0c 00 10 00 01 00 00 54 5f 00
0040 21 20 38 6a 35 6e 66 71 6c 64 32 30 7a 70 63 79
0050 72 38 78 6a 77 30 79 64 63 66 71 39 72 6b 38 68
0060 67 6d 00 00 29 02 00 00 00 00 00 00 00

As part of this response, there are two text records, the first of which is shown below (beginning at byte 54).

0000 c0 0c 00 10 00 01 00 00 54 5f 00 0c 0b 76 3d 73
0010 70 66 31 20 2d 61 6c 6c

This decodes as follows:

As unstructured text, organisations can use the TXT string in any way they define, for example:

example.com.   IN   TXT   "This domain name is reserved for use in documentation"

RFC 1464 defines a structured format that can be used to define attributes and their values in a single record, as in these examples:

host.widgets.com.   IN   TXT   "printer=lpr5"
sam.widgets.com.    IN   TXT   "favorite drink=orange juice"

In practice, services using TXT records often do not follow this RFC, but instead have their own specific format.
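
As an added example (not part of the original article), this Python parser walks the example.com response dump above, skips the compressed names, and splits each TXT record's RDATA into its (TXT Length + TXT) strings while checking every length byte against Data Length. The function names are chosen here for illustration.

```python
import struct

# Added example; names are illustrative. RESPONSE is the hex dump from this page.
RESPONSE = bytes.fromhex("""
34 48 81 a0 00 01 00 02 00 00 00 01 07 65 78 61
6d 70 6c 65 03 63 6f 6d 00 00 10 00 01 c0 0c 00
10 00 01 00 00 54 5f 00 0c 0b 76 3d 73 70 66 31
20 2d 61 6c 6c c0 0c 00 10 00 01 00 00 54 5f 00
21 20 38 6a 35 6e 66 71 6c 64 32 30 7a 70 63 79
72 38 78 6a 77 30 79 64 63 66 71 39 72 6b 38 68
67 6d 00 00 29 02 00 00 00 00 00 00 00
""")

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:   # compression pointer: two bytes, ends the name
            return off + 2
        if n == 0:             # root label ends the name
            return off + 1
        off += 1 + n           # ordinary label: length byte plus n bytes

def split_txt_rdata(rdata):
    """Split TXT RDATA into its (TXT Length + TXT) character-strings."""
    strings, i = [], 0
    while i < len(rdata):
        n = rdata[i]
        if i + 1 + n > len(rdata):   # a length byte must not point past Data Length
            raise ValueError("character-string overruns Data Length")
        strings.append(rdata[i + 1:i + 1 + n])  # kept as bytes: encoding is context dependent
        i += 1 + n
    return strings

def txt_records(msg):
    """Return one list of character-strings per TXT record in the answer section."""
    qd, an = struct.unpack_from("!HH", msg, 4)   # question and answer counts
    records, off = [], 12                        # the header is 12 bytes long
    for _ in range(qd):                          # skip each question: name, type, class
        off = skip_name(msg, off) + 4
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if off + rdlen > len(msg):
            raise ValueError("Data Length overruns message")
        if rtype == 16:                          # 16 is the TXT record type
            records.append(split_txt_rdata(msg[off:off + rdlen]))
        off += rdlen
    return records
```

Calling `txt_records(RESPONSE)` yields the two records in the dump; the strings are returned as raw bytes because the specification leaves their encoding to the consuming application.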


Example usage

The character string from a TXT record used for SPF:

"v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.123 ip6:2620:0:860::/46 a -all"

An example of use for DMARC:

"v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:dmarcreports@example.com;"

Use for site verification:

"google-site-verification=6P08Ow5E-8Q0m6vQ7FMAqAYIDprkVV8fUf_7hZ4Qvc8"

Use for custom email service:

_amazonses.example.com. IN TXT "pmBGN/7MjnfhTKUZ06Enqq1PeGUaOkw8lGhcfwefcHU="


See also

* List of DNS record types
* DMARC
* DKIM
* E-mail authentication

