by mattsouth 970 days ago
Is it good hygiene to delete these records once they've served their purpose (i.e. validating control of the domain in question)? Or do these records serve more than that use?
2 comments

Some services do periodic re-checks of the record and un-verify the domain if the record was removed.
As they should. If a domain name changes hands, the previous owner should have its ownership verification revoked.
But the new owner could just duplicate the entries; to avoid that, you have to periodically revalidate with a new entry.
I think it's more about the opposite. If you are the new owner, you don't want the old owner to continue to have access to features connected to your new domain.

So as a new owner you would want to remove the tokens.

Intriguing, hadn't considered that way round! SPF especially is something you'd have to update.

Presumably services pay attention to the TTL, so services don't have to constantly refresh.

There should be a mechanism to have the validating party revoke the code they gave you. (Right?)
SPF, DKIM, and DMARC data lives in TXT records that must stay there forever; otherwise, you'll have problems delivering your email.
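
The periodic revalidation "with a new entry" raised in the thread, sketched from the verifying service's side as an added example (not written by any commenter, and not any real service's scheme). The `example-verification=` prefix, the 30-day rotation period, the account names and the TXT record set are all assumptions constructed for illustration.

```python
import hashlib
import hmac

ROTATION_SECONDS = 30 * 24 * 3600  # assumed rotation period


def epoch_at(now: float) -> int:
    """Index of the rotation period that contains the timestamp `now`."""
    return int(now // ROTATION_SECONDS)


def challenge(secret: bytes, account: str, domain: str, epoch: int) -> str:
    """TXT value the service asks `account` to publish for `domain` in `epoch`.

    Binding the account and the epoch means a copied record only ever
    proves the original account, and only until the token rotates out.
    """
    msg = f"{account}|{domain.lower().rstrip('.')}|{epoch}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).hexdigest()[:32]
    return f"example-verification={digest}"  # hypothetical prefix


def still_verified(secret, account, domain, txt_records, now, grace_epochs=1):
    """Re-check: accept the current token or one from the grace window."""
    current = epoch_at(now)
    expected = [challenge(secret, account, domain, current - i).encode()
                for i in range(grace_epochs + 1)]
    for record in txt_records:
        value = record.strip().strip('"').encode()
        if any(hmac.compare_digest(value, e) for e in expected):
            return True
    return False


if __name__ == "__main__":
    secret = b"service-side secret (constructed)"
    t0 = 1_700_000_000
    token = challenge(secret, "acct-old", "example.com", epoch_at(t0))
    # Constructed TXT set: mail policy stays, the token sits beside it.
    zone = ['"v=spf1 -all"', f'"{token}"']
    for label, now in [("issued", t0),
                       ("one period later", t0 + ROTATION_SECONDS),
                       ("two periods later", t0 + 2 * ROTATION_SECONDS)]:
        print(label, still_verified(secret, "acct-old", "example.com", zone, now))
```

A static token would pass all three checks for as long as someone keeps the record in the zone; with rotation, a duplicated record stops verifying once the grace window ends.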