DNS Record Generator
Generate correctly formatted SPF, DMARC, MTA-STS, BIMI, and TLS-RPT records.
GET
/v1/generate
curl "https://dns.toolkitapi.io/v1/generate?domain=toolkitapi.io&type=SPF&spf_includes=_spf.google.com&spf_policy=-all"
import httpx
resp = httpx.get(
"https://dns.toolkitapi.io/v1/generate?domain=toolkitapi.io&type=SPF&spf_includes=_spf.google.com&spf_policy=-all",
)
print(resp.json())const resp = await fetch("https://dns.toolkitapi.io/v1/generate?domain=toolkitapi.io&type=SPF&spf_includes=_spf.google.com&spf_policy=-all", {
});
const data = await resp.json();
console.log(data);# See curl example
Response
200 OK
{
"domain": "toolkitapi.io",
"record_type": "SPF",
"records": [
{
"type": "TXT",
"host": "@",
"value": "v=spf1 include:_spf.google.com -all",
"ttl": 3600,
"explanation": "SPF record authorizing Google Workspace to send email for this domain"
}
]
}Try It Live
Live Demo
Response
Description
Generate correctly formatted SPF, DMARC, MTA-STS, BIMI, and TLS-RPT records.
How to Use
1
1. Set `domain` and `type` (SPF, DMARC, MTA-STS, BIMI, or TLS-RPT). 2. Add type-specific parameters (see below). 3. Copy the generated `value` directly into your DNS provider.
About This Tool
DNS Record Generator creates correctly formatted DNS records from simple parameters. No more syntax errors in TXT records — just provide the inputs and get copy-paste-ready records for SPF, DMARC, MTA-STS, BIMI, and TLS-RPT.
Why Use This Tool
- Email setup — Generate SPF and DMARC records for a new domain
- Security hardening — Create MTA-STS and TLS-RPT records
- Brand identity — Generate BIMI records for logo-in-email
- Migration — Generate new records when switching email providers
Frequently Asked Questions
Can I generate multiple record types at once?
No — one type per request. Make separate calls for SPF, DMARC, etc.
What SPF policy should I use?
Start with `~all` (softfail) during testing, then switch to `-all` (hard fail) once you've verified all legitimate senders are included.
What's a good DMARC starting point?
Start with `p=none` and `rua` set to receive aggregate reports. Once you see all legitimate email passing, move to `quarantine` then `reject`.
Start using DNS Record Generator now
Get your free API key and make your first request in under a minute.