Network Diagnostic Tools

TXT Lookup

TXT records, SPF, verification

What is a TXT record?

A TXT record holds arbitrary text in DNS and is widely used for email authentication (SPF), domain-ownership verification and service configuration. A single domain can publish many TXT records at once. Because they are flexible and easy to add, TXT records have become the standard way to attach machine-readable policy and proof to a domain.

What TXT records are used for

Originally meant for free-form notes, TXT records now carry structured data that other systems read. SPF policies list which servers may send mail for the domain. DKIM and DMARC records, published as TXT, authenticate and report on email. Verification strings from Google, Microsoft, Atlassian and countless SaaS tools prove you control the domain. You may also see TXT records for site verification, BIMI or custom application settings. Each serves a different consumer, so a busy domain accumulates many over time.

How to read your TXT lookup results

IPeek returns every TXT record on the domain, each as a quoted string. Identify them by their prefixes: v=spf1 marks an SPF policy, v=DMARC1 a DMARC policy (usually on the _dmarc subdomain), and google-site-verification or similar tokens mark ownership proofs. A long string split across quoted chunks is one logical record concatenated by the resolver. Watch for two SPF records on the same name, which is invalid, and for stale verification tokens from services you no longer use that can safely be cleaned up.

TXT, SPF and email authentication explained

SPF, DKIM and DMARC all live in TXT records and work together to stop spoofing. SPF (v=spf1) declares which IPs and hosts may send mail for your domain; receivers reject or flag anything else. DKIM publishes a public key so receivers can verify a cryptographic signature on each message. DMARC (v=DMARC1, on _dmarc) ties the two together and tells receivers what to do with failures, plus where to send reports. A domain should have exactly one SPF record but can hold many other TXT records alongside it.

Frequently asked questions

Can a domain have more than one TXT record?

Yes, a domain can publish many TXT records simultaneously, and most active domains do. Verification tokens, DMARC policies and application settings often coexist on the same name. The one important exception is SPF: a domain must have only a single SPF (v=spf1) record, because multiple SPF records are invalid and break authentication.

What is an SPF record and how is it stored?

An SPF record is a TXT record beginning with v=spf1 that lists the servers authorized to send email for your domain. Receiving servers check it to decide whether incoming mail genuinely comes from you. It is stored as a normal TXT record on the domain's root name, and a domain must have exactly one.

How are TXT records used for domain verification?

Many services ask you to add a TXT record containing a unique token they provide, then check DNS for it to confirm you control the domain. Google, Microsoft and most SaaS platforms use this method. Once verified, the token can usually stay or be removed; cleaning up unused tokens keeps your DNS tidy.

Why is my long TXT record split into multiple quoted strings?

DNS limits a single TXT string to 255 characters, so longer values are split into several quoted chunks within one record. Resolvers and IPeek concatenate these chunks back into one logical value. This is normal and expected for long DKIM keys or detailed SPF policies; the split has no effect on how the record is read.

What is the difference between SPF, DKIM and DMARC?

All three are email-authentication mechanisms published as TXT records. SPF lists which servers may send for your domain, DKIM adds a cryptographic signature receivers can verify with a published key, and DMARC sets policy for handling failures and requests reports. Used together they make spoofing your domain far harder.

Related tools

Deutsch | English | Español | Français | Italiano | Português | Русский | Українська | 日本語 | 简体中文 | 한국어