What’s the correct syntax for quotes and spaces?
Still have a question, spotted an error, or have a better explanation or a source we should cite?
You've copied your SPF or DKIM value from a setup guide, pasted it into your DNS provider's interface, and now you're staring at a field wondering: do I include those quote marks or not? It depends on the provider, and getting it wrong causes silent failures that are genuinely frustrating to debug.
Here's the core thing to understand. In DNS, quotes around a TXT record value are delimiters, not part of the content itself. The actual value your record publishes is the text inside the quotes. Some DNS providers want you to paste the value with quotes included. Others add quotes automatically and expect you to paste the bare value without them. Paste with quotes into a provider that auto-adds them and you end up with double-quotes, which breaks things.
A quick cheat sheet by behavior:
- Cloudflare. Paste the bare value, no outer quotes. Cloudflare adds them when it publishes the record.
- GoDaddy. Paste the bare value, no outer quotes. The interface handles wrapping.
- Namecheap. Paste bare value in most record types. Always double-check the final published record.
- Route 53 (AWS). Expects quotes included when you're editing raw record sets. If you use the guided form, omit them.
- Google Domains / Squarespace DNS. Paste the bare value without quotes.
The safest approach is to verify your published record after saving. Run a dig lookup or use an online checker and look at the raw output. You should see the value wrapped in one set of quotes. If you see two sets of quotes (like ""v=spf1 include:example.com ~all""), you've got double-quoting and need to remove the outer ones from your input.
What about spaces? Spaces inside a single TXT string are fine and preserved exactly as entered. The issue comes with concatenated strings, which is when a long record gets split into multiple quoted segments side by side (like "string one" "string two"). DNS resolvers join them automatically, but a stray extra space between the segments or inside the wrong part of the string can cause your SPF or DKIM value to fail validation. If you're copying a long value that's already been split into chunks, paste it exactly as shown and don't add spaces between the quoted parts.
The most common errors people run into:
- Double-quoting. You included quotes and the provider added more. The published record looks like
""v=spf1..."". - Truncation. A long value got cut off mid-string because the provider silently hit a character limit without warning.
- Extra internal spaces. A copy-paste from a PDF or formatted doc introduced a double space inside the value, which breaks parsing.
If you want a quick sanity check on your SPF record after saving, you can run it through our free SPF checker. It'll show you exactly what's published and flag any syntax issues. For everything else (DKIM, DMARC, headers), the email header analyzer can help you trace what actually got sent versus what you intended.
Still seeing errors after checking? The next question worth reading covers how DNS providers differ in TXT handling more broadly, which might explain exactly where your setup is going sideways.
Contributors
Who worked on this answer
Every name links to their profile. Every company links to their site. Real people, real accountability.