When you add a TXT record to your domain's DNS settings, you enter specific values depending on what you're using the TXT record for. Below are the values to use when configuring TXT records for various uses with Google services.
You enter these values at your domain host, not in your Google Admin console. Note also that some hosts use different labels for the name and value fields.
Note: Time to Live (TTL) is the number of seconds before subsequent changes to the TXT record go into effect. This value is 3600 for all TXT records. Learn more
Use caseName/Host/AliasRecord TypeValue/Answer/DestinationDomain verification
Blank or @
TXT
Your unique security token provided in the Google Admin console's verification instructions.
The token is a 68-character string that begins with google-site-verification=, followed by 43 additional characters.
For example:
google-site-verification=
rXOxyZounnZasA8Z7oaD3c14JdjS9aKSWvsR1EbUSIQ
Subdomain verification
The name of your subdomain.
If your subdomain is sub.example.com, write "sub" for the Host.
TXT
Your unique security token provided in the Admin console's verification instructions.
The token is a 68-character string that begins with google-site-verification=, followed by 43 additional characters.
For example:
google-site-verification=
rXOxyZounnZasA8Z7oaD3c14JdjS9aKSWvsR1EbUSIQ
SPF record
Blank or @
TXT
To authorize Google mail servers:
v=spf1 include:_spf.google.com ~all
To authorize an additional mail server, add the server's IP address before just before the ~all argument using the format ip4:address or ip6:address. (See Help prevent email spoofing with SPF records for more details on the SPF format.)
DKIM signing
Text from the DNS Host name (TXT record name) field in the Google Admin console
TXT
Text from the TXT record value field in the Admin console.
DMARC authentication
_dmarc
TXT
v=DMARC1; p=quarantine\; pct=100\; rua=mailto:postmaster@your_domain.com
To allow third-party recipients to monitor, quarantine, or reject all the messages that claim to be from "your_domain.com" and fail the DMARC checks. You must replace "your_domain.com" with your own domain name. Daily aggregate reports will be sent to "postmaster@your_domain.com" (You'll need to specify a valid email address to receive reports for your domain).
TLS reporting
_smtp._tls
TXT
TXT record name: In the first field, under DNS Host name, enter:
_smtp._tls.domain.com
TXT record value: In the second field, enter:
v=TLSRPTv1; rua=mailto:tlsrpt@domain.com
rua: The email address you created to get reports. To get reports at multiple emails, separate the email addresses with commas:
v=TLSRPTv1; rua=mailto:tlsrpt@domain.com,mailto:mts-sts@domain.com
Note: Syntax for the HTTPS report delivery option is described in Report using HTTPS (RFC 8460)
MTA-STS reporting
_mta-sts
TXT
TXT record name: In the first field, under DNS Host name, enter:
_mta-sts.domain.com
TXT record value: In the second field, enter:
v=STSv1; id=20190425085700
id: Must be 1–32 alphanumeric characters. The ID signals to external servers that your domain supports MTA-STS.
You must update the ID to a new, unique value every time you change your MTA-STS policy.
Using Google Workspace at work or school? Try powerful tips—auto-organize your inbox, create dynamic team calendars and project plans, broadcast live events, and more!
- ©2021 Google
- Privacy Policy
- Terms of Service
没有评论:
发表评论