Why do some sites have a TXT record with only a base64 hash code?
It looks like an Exchange federation "proof record". More information here: http://www.expta.com/2011/07/how-to-configure-exchange-2010-sp1.html
Domain Proof records are TXT records created in your domain's external DNS zone. The purpose of these TXT records is to prove the identity of your domain for the trust with the Microsoft Federated Gateway (MFG) server.
Run the following cmdlets from the Exchange Management Shell (EMS) to generate the domain proof values:
Get-FederatedDomainProof -DomainName exchangedelegation.companyabc.com
Get-FederatedDomainProof -DomainName companyabc.com
Repeat the second cmdlet for additional SMTP domains you want to federate, if any.
Each cmdlet will generate a unique Proof value, based on a hash using the Exchange Delegation Federation self-signed certificate. If the MFG can read the domain proof value in an external DNS record and it matches the calculated value, it proves domain ownership and validates the trust.
MS documentation: http://technet.microsoft.com/en-us/library/dd335047.aspx
Anyway, we can use TXT records for anything, or at least that's what I understand reading "The semantics of the text depends on the domain where it is found." (RFC 1035)
In fact, there are several TXT records. If you run
dig microsoft.com TXT:
;; ANSWER SECTION: microsoft.com. 3600 IN TXT "FbUF6DbkE+Aw1/wi9xgDi8KVrIIZus5v8L6tbIQZkGrQ/rVQKJi8CjQbBtWtE64ey4NJJwj5J65PIggVYNabdQ==" microsoft.com. 3600 IN TXT "v=spf1 include:_spf-a.microsoft.com include:_spf-b.microsoft.com include:_spf-c.microsoft.com include:_spf-ssg-a.microsoft.com ip4:220.127.116.11 ip4:18.104.22.168 ip4:22.214.171.124 ip4:126.96.36.199 ip4:188.8.131.52 ~all"
So there is standart SPF record available while an additional header that may have custom purpose e.g. anything the developers/domain managers wanted.