TXT records carry free-form text. Originally meant for comments, they've become the load-bearing record type for every modern email and verification protocol.
Common uses:
- SPF —
v=spf1 include:_spf.google.com ~all - DKIM — long base64-encoded public key at
selector._domainkey.yourdomain.com - DMARC —
v=DMARC1; p=quarantine; rua=mailto:...at_dmarc.yourdomain.com - Domain verification — Google, Microsoft, Stripe, Apple, Facebook all use TXT records to prove you control a domain. They give you a string like
google-site-verification=abc123def456; you add it as a TXT record; they verify and you're unlocked. - Misc service config — some applications publish service-specific config via TXT.
You can have many TXT records on the same name. Each value is a separate quoted string (some DNS panels handle that for you, others you have to wrap in quotes manually).
TXT record values are limited to 255 characters per "string" but you can have multiple concatenated strings on one record — relevant for long DKIM keys.