MTA-STS Validator

Background

MTA-STS (RFC8461) is a new standard that makes it possible to send downgrade-resistant email over SMTP. In that sense, it is like an alternative to DANE. It does this by piggybacking on the browser Certificate Authority model. This validator checks whether a domain adheres to the RFC. An alternative validator is Hardenize, which checks for much more than just MTA-STS

To enable Strict Transport Security on your mailserver configure the following things:


Summary

Loading...

Details

MTA-STS TXT record

SMTP-TLSRPT TXT record

Policy file

Certificate check

DANE [experimental]